Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Secunia's PSI Country Report - Q3 2013 SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Secunia's PSI Country Report - Q3 2013

On the heels of discussing Microsoft's Security Intelligence Report v15 wherein the obvious takeaway is "Windows XP be gone!", Secunia's just-released PSI Country Report - Q3 2013 is an interesting supplemental read. Here are the summary details:

  • Programs Installed: 75, from 25 different vendors
  • 40% (30 of 75) of these programs are Microsoft programs
  • 60% (45 of 75) of these programs are from third-party vendors
  • Users with unpatched Operating Systems: 14.6% (WinXP, Win7, Win8, Windows Vista)
  • Unpatched third-party programs on avg. PC: 10.7%
  • Unpatched MS programs: 4.1%
  • End-of-Life programs on average PC no longer patched by the vendor: 3.9%

Particularly interesting: "In the US, 79% of PC users who use Secunia PSI had Microsoft XML Core Services installed in Q3 2013. 50 % of these users had not patched the program, even though a patch is available. This means that an estimated 39.5 % of US PCs are made vulnerable by MSXML 4." Give the related Secunia blog post a read for more details as to why. Then get on with patching and removing that EOL software, folks. :-)

Russ McRee

196 Posts
ISC Handler
Nov 1st 2013

Sign Up for Free or Log In to start participating in the conversation!