ANN ARBOR, Mich., Nov. 1, 2016 /PRNewswire/ Duo Security, a cloud-based Trusted Access provider protecting the world’s largest and fastest-growing companies, today announced its Trusted Access Report: Microsoft Edition. This is the second Trusted Access report coming from Duo. Findings include:

  • Sixty-five percent of all Windows devices are running Windows 7, released in 2009. Approximately 600 security vulnerabilities affect Windows 7.
  • Tens of thousand of devices are still running Windows XP 15 years after its release. This represents more than 700 vulnerabilities, 200 of which are rated as high-to-critical.
  • Twenty percent of devices running Internet Explorer (IE) are running unsupported versions 8, 9 and 10. IE versions 8 through 10 have reached end-of-life status without the ability to receive security patches, leaving them susceptible to old exploits. Of all devices running Microsoft browsers, only 3% are using the latest, Edge.

Mike Hanley, Duo’s Director of Security, said, “The majority of users on Microsoft operating systems and browsers are failing to take advantage of the latest and greatest security updates and capabilities, leaving them open to potential attacks. This creates a risky proposition for out-of-date devices accessing sensitive cloud services and applications.”

To analyze the current state of device security, Duo analyzed more than two million devices, 63 percent of which were running Microsoft operating systems.

In its analysis, Duo also found:

  • Nearly 62 percent of devices running IE have an old version of Flash installedpotentially making them susceptible to compromise by an exploit kit containing code for Flash vulnerabilities.
  • Ninety-eight percent of devices running IE have Java installed. Businesses have legacy and custom applications that rely on Java. Java remains a top target of attackers.
  • Forty-two percent of all devices analyzed used Microsoft services, including Remote Desktop Protocol, Outlook Web Access, and Remote Desktop Gateway.

To protect against the vulnerabilities discussed here, Duo recommends:

Click on the original source to continue reading.