23% Users Still Run Outdated Web Browsers; Compromise Online Security

Research reveals that when a new version of a browser is released, it takes more than a month for most users to make the upgrade.

Web browsers are the most widely used pieces of computer software, installed on nearly every computer. The majority of current cyber attacks come from the web, utilising vulnerabilities in the web browser applications themselves, or outdated plug-ins within the browser. Therefore, it is extremely important for consumers to keep their choice of web browser up-to-date, with the latest security fixes and new protection features. Using anonymous data collected from the cloud-based Kaspersky Security Network, Kaspersky Lab analysed web browser usage patterns of its millions of customers around the world, and made some alarming discoveries.

Main Findings:

• 23 percent of users are running old or outdated web browsers, creating huge gaps in online security:14.5 percent have the previous version, but 8.5 percent still use obsolete versions.

• 77 percent of Kaspersky Lab’s customers use up-to-date browsers (the latest stable or beta versions).

• When a new version of a browser is released, it takes more than a month for most users to make the upgrade. Cybercriminals can move to exploit known browser vulnerabilities within hours.

• Internet Explorer is the most popular browser (37.8 percent of users), closely followed by Google Chrome (36.5 percent). Firefox is in third place with 19.5 percent.

• The proportion of users with the most recent version installed (August 2012): Internet Explorer – 80.2 percent; Chrome – 79.2 percent; Opera – 78.1 percent; Firefox – 66.1 percent.

• Transition periods (time required for the majority of users to switch to the most recent version): Chrome – 32 days; Opera – 30 days; Firefox – 27 days.

What Does It Mean?

This survey of consumer activity clearly shows that while the majority of Internet users are diligently updating their web browsers in a timely fashion, there are still tens of millions of users that expose themselves by not updating these crucial applications.

While this report is primarily comprised of consumer user data, corporations should pay particular attention to the results of this research, since consumers usually have more freedom in updating installed software such as browsers. As employees’ abilities to install updates are limited, using obsolete software is a common, and potentially dangerous, practice in business environments. Kaspersky Lab offers an efficient solution which makes it possible to discover and allow updates of outdated or vulnerable software, in full compliance with security policies.

Andrey Efremov, Director of Whitelisting and Cloud Infrastructure Research at Kaspersky Lab, said: “Our new research paints an alarming picture. While most users make a switch to the most recent browser within a month of the update, there will still be around a quarter of users who have not made the transition. That means millions of potentially vulnerable machines, constantly attacked using new and well-known web-born threats. This is strong evidence of the urgent need for proper security software which is able to react to new threats in a matter of minutes, not days or even weeks.”