One-Third of Security Vulnerabilities Remain Unpatched

Although the number of security vulnerabilities reported in the first half of 2019 have reported dropped a bit from last year, a new report by Risk Based Security states that 34 percent of the 11,092 vulnerabilities identified have not been patched to date.

The key findings of the report include the following:

The report also notes that remote vulnerabilities, those that happen over a network by an attacker that did not previously have access to a system accounts for the highest vulnerability experienced by companies in the first half of 2019. This is done through an SQL injection attack and according to Risk Based Security, the way to combat it is through sanitizing input. Another recommendation in the report is to use a vulnerability scanning tool that can look at the entire network and all devices connected to it since many organizations are unaware of all of the devices connected to the network. If a company is scanning and patching, more than one half of the reported vulnerabilities in the first half of this year could have been resolved.

Copyright © 2024 Robinson & Cole LLP. All rights reserved.
National Law Review, Volumess IX, Number 241