Secunia launched a free online Software Inspector last December, and since then over 350,000 inspections have been completed. As we’ve discussed before, the service scans your computer looking for specific applications (Acrobat, QuickTime, iTunes, Windows Media Player, Firefox, Thunderbird, Internet Explorer, Opera, and more) to make sure that you’re running the latest version.
I ran the scan myself to see how well I keep my programs up-to-date, and it turns out that I do a pretty good job:
However, Secunia is reporting that not everyone cares so much about updating their software. Out of the 350,000 scans that they have done, here are the percentages of people running out-dated versions of the applications:
|Internet Explorer 7||5.40%|
|Internet Explorer 6||9.61%|
In response to those numbers Secunia said that on average 28% of the applications were out-dated:
Most people using Windows and Microsoft products are usually aware of the monthly “Patch Tuesday” routine that Microsoft has set up, which can explain why the patch level for MS products are relatively high. These numbers also indicate that many people using Firefox and Opera are concerned about security and remember to keep their products updated.
But when it comes to other applications that don’t immediately seem that exposed, people tend to wait for an extended period of time before patching.
This constitutes a significant problem because many of those applications, like WinAMP and Quicktime, are readily used whenever users encounter media files of various kinds. Most people wouldn’t hesitate to open an .mpg, .jpg, .mov, or .mp3 file from any source if it seems the least bit interesting and relevant. It’s easy to embed a movie in your homepage, for example, and all it takes is one unpatched Quicktime vulnerability and a provocative video title to compromise a lot of visitors.
As you can see the updates are very important for more than just the browser, but users typically shrug them off as not necessary. So while you’re sitting there right now why don’t you open a new tab in your browser and run Secunia’s Software Inspector to make sure you are completely up-to-date (it does require that you have Java installed).