Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


02:30 PM
Connect Directly

6 Eye-Opening Stats About Endpoint Device Health

New report shows state of endpoint patching and updates among a sample of 2 million devices.

A report out today on the state of endpoint device health shows that businesses today still face plenty of challenges in limiting the number of risky devices roaming in and out of their corporate networks.

Conducted by Duo Security and based on the 2 million devices utilizing its two-factor authentication platform, the study took a look at the condition of the operating systems and some of the apps on the devices logging into business environments. The results show that a sizable number of devices connect using devices containing out-of-date and even unsupported versions that introduce to business environments the risk of exploitation of vulnerabilities found in these versions.

Mac Users More Up-To-Date Than Windows....

The study showed that 53% of Mac OS users are running either the fully patched, latest version of OS X or the previous version, while just 35% of Windows users are on Windows 10 or Windows 8.1. As the researchers noted, there's still lots of vulnerable Mac devices out there and contrary to popular belief, these out-of-date endpoints are open to nasty privilege escalation vulnerabilities, among others.

 ...But More Macs Running Unsupported OS Versions

Even though the total percentage of out-of-date Windows devices outstrips similar Mac devices, Mac has more of a problem with users running completely unsupported OS versions. Duo found that among its sample of users, 8% of Apple users are running unsupported versions, while just 2% of Windows users are running unsupported operating systems.

Sizable Number Of Windows Devices Running Unsupported Versions of IE

A full quarter of Windows devices continue to run outdated and unsupported versions of Internet Explorer. More scary is the fact that at least half of all devices still running Windows XP are using IE 7 or IE 8. Overall, about 58% of all Windows devices are running the latest version of IE or Edge.

Google Chrome Users Have Best Update Track Record

Meanwhile, Google Chrome users tend to have the best track record for keeping their browser updated, with 82% of all Chrome users running the most up-to-date version of the browser, followed next by 66% of Firefox users running up-to-date browsers. Safari lags behind all others, with under half of those browsers fully up-to-date.

Majority Of Flash And Java Installs Out-Of-Date

Flash has overcome Java as the application most favored by zero-day exploits, but attackers don't even need to invest in expensive zero-day attacks to take advantage of either piece of software. This study shows that 60% of Flash users and 72% of Java users represented in this sample were running out-of-date versions.  

"While critical Flash and Java vulnerabilities often prompt emergency vendor patches, users still run outdated software on the devices used to log into their company applications that can put entire organizations at risk," the report notes.

Java Plug-ins Falling Out Of Favor; Flash, Not So Much

First the good news. The study notes that it appears that Java plug-ins are finally starting to be retired on a large scale. According to this study, 78% of devices had Java uninstalled. Researchers attribute Oracle's plans to deprecate the plug-in with JDK 9's update and the fact that Java is no longer a default install for browsers. However, Flash is hardly anywhere close to dead. Only about 20% of devices have Flash uninstalled. Expect the bad guys to keep hammering Flash in the year to come.

Related Content:

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
What the FedEx Logo Taught Me About Cybersecurity
Matt Shea, Head of Federal @ MixMode,  6/4/2021
A View From Inside a Deception
Sara Peters, Senior Editor at Dark Reading,  6/2/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-06-13
The package studio-42/elfinder before 2.1.58 are vulnerable to Remote Code Execution (RCE) via execution of PHP code in a .phar file. NOTE: This only applies if the server parses .phar files as PHP.
PUBLISHED: 2021-06-12
Receita Federal IRPF 2021 1.7 allows a man-in-the-middle attack against the update feature.
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
PUBLISHED: 2021-06-12
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users.