Featured Article from Software Licensing

Vulnerability Review 2017: Proactive Patching Required

March 13, 2017

I consider myself an altruistic individual, but when it comes to software vulnerabilities, one can never be too safe. Software vulnerabilities typically turn into entry points for hackers and are leveraged to gain control over software or systems. Many are quick to say, “That could never happen to my company,” but the facts are plain to see: evildoers are out there, and your software may not be as secure as you think.

Today, Vulnerability Review 2017 was released by Secunia Research at Flexera Software, with some startling statistics. The report noted more than 17,000 vulnerabilities found in over 2,000 products investigated from 246 vendors. IT’s fight to secure the network is more complicated than most realize. The only way to have any chance at attaining absolute security is through complete visibility into the applications in use, backed by procedures and firm policies. This way the team can address vulnerabilities as they are reported.

“The software supply chain is very unique in industry – it is not uncommon for software producers to release products containing exploitable vulnerabilities, which then becomes their customers’ problem. That is why software buyers must be vigilant when buying, managing, and securing their software,” said Kasper Lindgaard, Director of Secunia Research at Flexera Software.

Now, with the general “scary” out of the way, on to the silver lining: the report indicates 92.5 percent of applications in the “Top 50 Software Portfolio” affected by vulnerabilities have patches available. Furthermore, 81 percent of all known vulnerabilities have patches available to address them. The report notes a general jubilation in the increase in availability of patches; from last year to this there has been a decline in patch rates, which raises the question: is the software supply chain broken? Are firms not utilizing Software Vulnerability Management solutions?

The Vulnerability Review highlights PDF readers. Take Adobe Reader, for instance. Some 40 percent of personal computers have the PDF reader installed, yet 75 percent of users ran the application unpatched. Unfortunately, this serves as a shining example of what is taking place.

“As our report details, patches are available in the majority of times a vulnerability is disclosed. Companies need to take advantage of this knowledge, and actively apply patches in a timely manner,” continued Lindgaard.

Software Vulnerability Management is not an option. The threats presented in today’s digital era ask far more of IT teams than at any time in history. As cautionary tales continue to mount, securing one’s network should be front of mind, but sadly this is not always the case. At least make it difficult for a hacker to complete his nefarious deeds. Altruism has a line, especially when it comes to ensuring my software is secure.

Got Software Vulnerability Management?

Edited by Alicia Young