Out of date, vulnerable browsers put users at risk
- — 09 November, 2012 23:21
Is your browser up to date? According to the results of a new survey from Kaspersky--a security software vendor--nearly a quarter of the browsers currently in use are out of date. Surfing the Web with a vulnerable browser is a recipe for disaster.
The Web browser has evolved to become the primary software used on many PCs. People access their email, surf websites, create documents and spreadsheets, access cloud-based file storage and sharing sites, and share with others on social networking sites--all through the browser. Attackers no this as well, which is why it is exceptionally risky to use a browser with known vulnerabilities.
Kaspersky gathered anonymous data through its cloud-based Kaspersky Security Network. Kaspersky researchers analyzed the browser usage data from millions of customers around the world, and uncovered some concerning trends.
- 23 percent of browsers are not current: 14.5 percent are still using the previous version, while 8.5 percent are using even older, obsolete versions.
- When a new version of a browser is released, it can take nearly 10 days for it to surpass the previous version in usage, and an average of about a month for a majority of users to upgrade.
The major browsers all have automatic update mechanisms in place. The easiest way to make sure your browser is current is to enable the automatic updates and let them do what they're meant to do--keep your browser up to date without requiring you to manage the process yourself.
There are some valid reasons for holding off on upgrading to a new browser version. Some users might feel like new versions just add arbitrary features--bells and whistles--they simply don't care about, so they choose to stick with the browser they're already comfortable with. Some users have been burned in the past by updating to a new version and finding out the hard way that some sites or plug-ins no longer work as expected--if at all.
Justifications aside, it's important to apply browser updates as quickly as possible. Why? Because attackers can craft new exploits and malware to attack vulnerabilities in a matter of hours. Users can't afford to shop online, check bank account balances, or access other sensitive data using a browser with known vulnerabilities.
As Kaspersky points out, the data also reinforces the need for users to have effective, up to date security software in place. Andrey Efremov, Director of Whitelisting and Cloud Infrastructure Research at Kaspersky Lab, said, "That means millions of potentially vulnerable machines, constantly attacked using new and well-known web-born threats. This is strong evidence of the urgent need for proper security software which is able to react to new threats in a matter of minutes, not days or even weeks."
With the holiday shopping season getting ready to kick off, millions of users will be researching gift ideas, and making holiday gift purchases online. Attackers have marked their calendars as well, and there will almost certainly be a spike in Web-based attacks. It's even more important during the holiday season to make sure you keep your browser, and your security software up to date.