Here Are Some Scary Stats About Windows DevicesHere Are Some Scary Stats About Windows Devices
DuoSecurity analyzes Windows endpoints used by its customers and finds some dusty old applications in use.
November 1, 2016
Outdated Windows operating systems and applications are still par for the course in many enterprises today.
DuoSecurity studied some 1.26 million Microsoft Windows endpoint devices of its business customers, and found a disturbing chunk of old-school software in use. Tens of thousands of devices in the sample are running Windows XP, for example, and one-fifth of Internet Explorer browsers are out-of-date.
"What was most surprising to me was the browser data: 20% of all IE we see are older, non-supported versions," says Mike Hanley, director of security at DuoSecurity. "My hunch is that because they have this legacy application that, [for example], only works with IE 8, they continue to use IE 8," he says. It can be pricey for enterprises to update their legacy apps for a new browser version.
Among the other Microsoft endpoint findings by DuoSecurity:
· 65% of all Windows devices run Windows 7
· 98% of IE devices have Java installed
· 62% of IE devices have an outdated version of Adobe Flash installed
Hanley says the majority Windows 7 operating system wasn't too surprising, but it was disappointing. "A fully patched Windows 7 machine versus a fully patched Windows 10 machine" isn't the same thing, he says. "Windows 10 comes with more sophisticated security."
Windows 10 comes with an updated BitLocker feature that encrypts the entire hard drive as well as individual files, for example, plus the new Device Guard function that only allows trusted code to run on the machine.
Outdated OSes and applications obviously leave endpoints at risk. IE versions 8, 9, and 10, for example, are no longer supported by Microsoft, so users of these older versions could be a the mercy of older vulnerabilities and exploits. Most of the IE users in the sample—80%- run IE 11, and just 3%, Edge, according to Duo's report.
The XP devices in the sample were mostly desktops and laptops, not the usual suspects of kiosks or other devices.
A bit of good news from the survey: "Legacy IE usage has actually dropped off. Even if they're not running Windows 10, they are at least not using IE 8 as much," Hanley says, which is an improvement from data gathered by his firm earlier this year.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks