The average Windows 10 computer has 14 weaponized vulnerabilities
Keeping systems protected against known exploits is a complex task.
A study of vulnerabilities (flaws that can act as a gateway for malware or allow an attacker to escalate privileges) shows that Windows platforms have the largest number of vulnerabilities, but also tend to be patched quickly compared to Linux systems or devices such as routers, printers and scanners.
Kenna Security released a report based on vulnerability data selected from more than 9 million assets of nearly 450 organizations, collected by its cyber security research partner, the Cyentia Institute, and partly based on data collected by automated vulnerability scanners.
Windows administrators are more accustomed to regular restarts after decades of conditioning.
The problem facing all organisations is that a huge number of vulnerabilities are reported (18,000 per year on the Common Vulnerabilities and Exposures (CVE) list, plus others that are not on this list), and it is difficult to address them. Severity and likelihood of exploitation vary, so minimising exposure requires good risk management. According to the article, only about 5% of vulnerabilities have been the subject of known exploits.
Researchers say 45 percent of weaknesses are corrected within one month and 66 percent within three months, while 20 percent are still uncorrected after one year. But how many of them are high risk? There is no direct answer to this question, but the survey shows that two thirds of companies see either no change or a decrease in their high-risk vulnerabilities every month, so the overall situation is not so bad, at least not for this group of two thirds of companies.
The assets analyzed largely exclude mobile devices, so the five most popular platforms are Windows 10 (25.3%), Linux (13.1%), Cisco (11.2%), Windows 7 (9%) and Windows 2012 (6.6%). It seems difficult for businesses to keep up: Windows Server 2016 is only 4.1% ahead of Windows 2008, while Windows Server 2019 is not even in the list.
Windows-based devices dominate, so the bad news is that a Windows-based system typically has 119 vulnerabilities to be managed in a given month, compared to 32 for a Mac, 27 for Linux and 4 for devices. This includes both application and operating system vulnerabilities, so on Windows the count covers not only Microsoft applications but also third-party applications. As a result, more than 71% of Windows devices have at least one open high-risk vulnerability, compared to 40% for Linux, 31% for Mac and 30% for devices.
On average, according to researchers, PCs with Windows 10 have 14 weaponized vulnerabilities, while Windows 7 has 18.
That sounds bad, but the mitigating factor is that Microsoft platform assets are patched faster than other platforms, says the article. According to the report, the half-life of vulnerabilities on Windows systems is 36 days. For network devices, this number increases to 369 days. Linux systems are slower to patch, with a half-life of 253 days. Given the speed with which the free software community tends to fix serious security problems, this may seem strange, but the data comes from scanners that check what is actually in use.
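One way to estimate a remediation half-life like the ones quoted above from scanner findings, as an added example that is not code from the report or its authors. The page does not describe the report's method; the Kaplan-Meier estimator used here is an assumption, chosen because findings that are still open when observation stops must not be counted as fixed. The findings and all names are constructed.

```python
from fractions import Fraction

# Constructed scanner findings: (platform, days the finding was observed, fixed?).
# fixed=False means it was still open when observation stopped (censored).
FINDINGS = [
    ("windows", 10, True), ("windows", 20, True), ("windows", 30, True),
    ("windows", 40, True), ("windows", 90, True), ("windows", 365, False),
    ("linux", 60, True), ("linux", 100, False), ("linux", 250, True),
    ("linux", 280, True), ("linux", 300, False), ("linux", 300, False),
]

def survival_curve(records):
    """Kaplan-Meier estimate: [(day, fraction of findings still open)]."""
    at_risk = len(records)
    still_open = Fraction(1)
    curve = []
    for day in sorted({d for d, _ in records}):
        fixed = sum(1 for d, f in records if d == day and f)
        dropped = sum(1 for d, f in records if d == day and not f)
        if fixed:
            # Only fixes lower the curve; censored findings just leave the risk set.
            still_open *= Fraction(at_risk - fixed, at_risk)
            curve.append((day, still_open))
        at_risk -= fixed + dropped
    return curve

def half_life(records):
    """First day on which at most half the findings remain open, else None."""
    for day, still_open in survival_curve(records):
        if still_open <= Fraction(1, 2):
            return day
    return None  # fewer than half were fixed within the observation window

def half_life_by_platform(findings):
    """Group findings by platform and estimate each platform's half-life."""
    groups = {}
    for platform, days, fixed in findings:
        groups.setdefault(platform, []).append((days, fixed))
    return {p: half_life(r) for p, r in groups.items()}

if __name__ == "__main__":
    for platform, days in half_life_by_platform(FINDINGS).items():
        print(f"{platform}: half-life {days} days")
```

On the constructed Linux data, taking the median of fixed findings alone would give 250 days; accounting for the findings that are still open moves the estimate to 280.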
Researchers have suggested that after decades of conditioning, Windows administrators are more accustomed to regular restarts, while large-scale Linux fleet management tools tend to lag behind Windows tools.
The almost inescapable conclusion is that a predominantly Windows-based environment is both the most vulnerable in terms of known exploits and the easiest to patch.
When looking at the details of the report, you should also bear in mind that older Windows systems are usually more difficult to secure and that third-party Windows software is slower to be patched than Microsoft software. Simply put, avoiding bloat is one of the conclusions.
What does a well-managed company look like when it comes to asset vulnerability management? This is a complex problem, but it has been proven that it is possible to select devices for the older version of Windows, minimize the number of applications and stay vigilant on all systems, including Linux servers and devices, because this is where vulnerabilities last the longest.
But it’s just one piece of the security puzzle. Counting exploitable vulnerabilities is not the same as assessing the actual risks. Desktops are more vulnerable, not only because of the number of exploits, but also because someone is sitting at them surfing the internet and clicking on things. Researchers praise Microsoft’s efforts by saying: "… We see how Microsoft Windows systems achieve impressive recovery performance. And so is Apple."
However, there is a reason for this: these systems carry a high risk of exploitation.