These software bugs are years old. But businesses still aren’t patching them

Almost two thirds of vulnerabilities on enterprise networks involve flaws which are over two years old which have not been patched, despite fixes being available. This lack of patching is putting businesses at risk of attacks which could often be easily avoided if security updates were applied.

Analysis by Bitdefender found that 64 percent of all reported unpatched vulnerabilities during the first half of 2020 involve known bugs dating from 2018 and previous years, which means organisations are at risk from flaws that somebody should have fixed a long time ago.

“The vast majority of organizations still have unpatched vulnerabilities that were identified anywhere between 2002 and 2018,” the report said.

Applying patches can be time-consuming, tedious and unrewarding work. But for cyber criminals, unpatched vulnerabilities provide a simple way to deploy cyber attacks and malware. But while businesses and users are encouraged to apply security patches to operating systems

Read More