According to a report by Kaspersky Lab, a significant number of PC users are using old - or even obsolete - versions of popular software despite vulnerabilities.
According to the report, over 132 million vulnerabilities have been discovered in various programmes, which accounts an average of 12 vulnerabilities per user among more than 11 million users.
Among the popular software programmes, Adobe Shockwave and Flash, Apple iTunes/QuickTime, and Java have highest number of vulnerabilities.
Despite vulnerabilities, the users of older and particularly dangerous editions of Oracle Java, Adobe Flash Player and Adobe Reader are highly reluctant to upgrade to newer and safer versions, the research revealed.
The security firm found that over 800 different vulnerabilities were discovered during last year of which, 37 were found on at least 10% of computers during one week in 2012.
Out of the 37 vulnerabilities only eight vulnerabilities are found in the widespread exploit packs used by cybercriminals which include five vulnerabilities in Oracle Java, two vulnerabilities in Adobe Flash Player and one vulnerability found in Adobe Reader.
Kaspersky Lab analysts said that the vulnerabilities account for 70% of all detected software flaws.
Kaspersky Lab vulnerability research expert Vyacheslav Zakorzhevsky said that a fix for a security loophole shortly after discovery is not enough to make users and businesses secure.
"Inefficient update mechanisms have left millions of users of Java, Adobe Flash and Adobe Reader at risk," Zakorzhevsky said.
"This, along with the whole series of critical vulnerabilities found in Java in 2012 and early 2013, highlights the need for the most up-to-date protection methods."
"Companies should take this problem very seriously, as security flaws in popular software have become the principle gateways for a successful targeted attack."
Despite the availability of a new version of Java, only 28.2% of users have upgraded to the safer version while over 70% are using the old programmes leaving their system vulnerable to Java exploits, the research added.
A 2010 version of Adobe Flash Player which is obsolete now is being used on an average of 10.2% computers while a vulnerable Adobe Reader version is still being used by 13.5% of users.
M86 Security is a global provider of web and e-mail security products. We are the only security company able to provide integrated, reliable and...
Qualys is the leading provider of on demand IT security risk and compliance solutions - delivered as a service. Qualys solutions enable...
Established in 1957, BCS, The Chartered Institute for IT, promotes wider social and economic progress through the advancement of information...
Absolute® Software specialises in technology and services for the management and security of mobile computers and smartphones.