We would like to keep you up to date with the latest news from Digitalisation World by sending you push notifications.
Digital Newsletter
Each week our editor Phil Alsop rounds up the most popular articles, videos and expert opinions. We compile this into a Digital Newsletter and send it straight to your inbox every week.
Digital Magazines
We'll let you know each time a new edition of Digitalisation World is released so that you're always kept up-to-date with the latest and greatest news and press releases.
Video Magazines
The Digitalisation World Video magazine contains the latest Zoom interviews with experts in the industry.
Most Desktop App Vulnerabilities Pose Extreme Risk
The report reveals that security professionals need to pay close attention to desktop applications because most vulnerabilities found in these types of apps can be extremely dangerous. Whenever new vulnerabilities are reported, Secunia Research issues Advisories assessing their criticality, attack vector and solution status. They also create signatures and tested patches for easy configuration and deployment. This intelligence by Secunia Research allows desktop admins to quickly identify and prioritise critical security patches. Without such information, operation teams struggle to keep up with the large amount of patches.
In 2017, 83 percent of the Secunia Advisories covering the top desktop applications were rated “Extremely” or “Highly” critical (compared to only 17 percent when you look at Secunia Advisories across all software applications ranked). Moreover, desktop applications are extremely vulnerable to attack via the Internet, making them attractive targets. 94 percent of advisories relating to desktop apps could be exploited through the Internet, without any interaction with the user, or the need for them to take any action.
Microsoft’s Automated Updates Aren’t Enough
The report also cautions users who incorrectly believe that Microsoft’s automated updates will shield them from vulnerability risk. In fact, the majority of desktop app vulnerabilities occur in non-Microsoft applications. 65 percent of the vulnerabilities reported in the 50 most common desktop applications were found in non-Microsoft apps. The report offers compelling evidence that to significantly reduce corporate risk, security teams must patch non-Microsoft and Microsoft applications.
“Organisations can improve security patching in just three steps,” added Lindgaard. “First, arm desktop admins with security Key Performance Indicators to keep security patching a high priority. Second, create an inventory of desktop apps to make installing a patch easier. Finally, put prioritisation and sourcing patches on a schedule, so patches are consistently monitored and applied quickly.”
The key takeaway? When armed with vulnerability intelligence, IT professionals can get ahead of security risks with patches for almost all vulnerabilities affecting the most common desktop applications. Flexera’s latest report offers a great starting point to help IT teams rethink their patch management strategy.
