Featured Article from Software Licensing

Flexera Software Announces Vulnerability Update

September 14, 2016

There are thousands of applications used by millions of people and organizations every single day. Whether it is a widely used operating system or a niche product, all of this software runs the risk of being compromised by individuals or entities looking for vulnerabilities that can be exploited. The new Flexera Software vulnerability update was just released, listing the top 20 products that had the most vulnerabilities in May, June and July 2016.

According to Flexera, provider of next-generation software licensing, compliance, security and installation solutions for application producers and enterprises, there were 2,686 recorded vulnerabilities across the top 20 products. The company creates this report based on data from its vulnerability database over a three-month period, along with insights from Secunia Research.

The largest number of vulnerabilities was attributed to Microsoft, with 518 across its Windows 10, Windows Server 2012, Windows 8 and Windows RT operating systems. Flexera pointed out the need for timely patches in order to ensure the safety of users. This particular problem was exacerbated by Microsoft's introduction of new operating systems, which left many users who didn't upgrade vulnerable. But the report revealed that the share of users with unpatched Windows operating systems has declined from 12.5 percent the previous year to 6.3 percent this year.

However, Kasper Lindgaard, Director of Secunia Research at Flexera Software, said, "The bad news is that the overall rate of vulnerabilities remains high, and specifically with respect to operating systems – underscoring the need for users to be diligent about patching their operating systems."

When it comes to niche applications serving a particular industry, the number of attack vectors can be quite high. The example the report gave was the healthcare industry. Philips Xper Connect, a hospital information system, had 272 vulnerabilities between May and July. In this instance, Flexera points out the need to extend vulnerability management diligence across all software assets being used on corporate and personal systems, and not just focus on systems that are known or most widely used.

Lindgaard said, "The healthcare industry, for instance, is a prime target for hackers looking to harvest Protected Health Information and Personally Identifiable Information for trading in the underground markets." If healthcare providers are not aware of the vulnerabilities in the software they use and do not apply the necessary patches before the organization is compromised, it can prove to be very costly.

Recent examples include the breaches that compromised the information of 79 million people at Anthem and of 10 million or more people each at Premera Blue Cross and Excellus Health Plan. These breaches resulted in record HIPAA violation fines and settlements by federal health regulators.

With software being the engine that drives today's digital evolution, maintaining continuous licensing compliance, optimizing software investments and future-proofing against technology change are essential. Flexera Software not only highlights the vulnerabilities of today's most used software, but it also provides the tools businesses need to ensure the applications they use are safe at all times.

Edited by Maurice Nagle