Posted By: ITWiser Webmaster - Yorkshire's IT Specialists
Lack of Java and Flash Updates Leaving Businesses Vulnerable
A massive 81 per cent of businesses are running an out-of-date version of Java, while 40 per cent have not updated Flash, The Register has reported.
Citing a new study by security firm Websense, The Reg reported that only 19 per cent of enterprise Windows-based computers were found to be running the latest version of Java in the month of August, and quite shockingly, 40 per cent of enterprise Java requests were from browsers still operating with the old version of Java 6.
“The combined effect is that more than four in five Java requests are susceptible to two popular new Java exploits (CVE-2013-2473 and CVE-2013-2463),” The Reg said.
Both Java and Flash are enterprise favourites; however, they are also favourites of hackers, who routinely exploit add-ons in the browser. The Websense study showed that a massive 83.86 per cent of enterprise browsers had Java enabled; this is despite the technology rarely being needed to use websites. The security firm has advised users to disable the software.
Adobe Flash and Adobe Reader are both widely used by businesses, but the study showed that 40 per cent of users were running out-of-date software, with close to a quarter running Flash installations that are more than six months old. Worse still, 20 per cent were running one-year-old software and 11 per cent of users had Flash programs that are almost two years out of date.
“Java has become a primary gateway for hackers to enter today’s businesses and its vulnerabilities are being commoditised in the latest exploit kits,” said senior security manager at Websense Carl Leonard.
He went on to say that successful Java exploits are on the rise and that hackers know that the Java update poses a challenge for many organisations and so focus on targeting both new and old versions of the technology.
Cloud Web Security a must for Java and Flash users
If your business relies on Java and Flash for certain operations (and there is a good chance that it does), it is essential that you ensure you are running the latest versions of the technology. In addition to this, it is important that you protect yourself from potential exploits by installing ITWiser’s cloud web security. Our advanced cloud-based security software is able to detect and block threats at cloud level before they are allowed to enter the network and will safeguard your sensitive data against the growing problem of cybercrime.
Follow this link to find out more on how Cloud Web Security can help you.