According to the result of Bito research ,Java is a significant security risk to enterprises because it is the endpoint technology most targeted by cyber attacks,
Company's threat research team observed Java deployment statistics on approximately 1 million endpoints at hundreds of enterprises worldwide, and identified most of risks due to outdated versions of Java with many known vulnerabilities that remain widely deployed by many businesses.
Among the things discovered are that:
Most organizations has more than 50 versions of Java installed across all of its endpoints.
5 % of those enterprises have more than 100 versions of Java installed.
Most of the endpoints have multiple versions of Java installed, in part because the Java installation and update process often does not remove old versions.
Attackers can easily determine what versions of Java an enterprise is running and target the oldest, most vulnerable versions.
The popular version of Java running on more endpoints analyzed by Bit9 is version 6 update, which is present on 9 percent of all systems and has 96 known vulnerabilities of the highest severity.
And also Less than 1 percent of enterprises are running the latest version of Java.
“For the last 15 years or so, IT administrators have been under the misperception that updating Java would address its security issues."
They have been told that to improve security, they should continuously deploy Java updates on all of their endpoints. But in real they need to upgrade java not update, updating is not the same as upgrading. Until , those updates have failed to deliver the promised security upgrade because they have not removed older, highly intensed or vulnerable versions of Java they were intended to replace.
The company also found that it is fairly easy for attackers to target older versions of Java without the enterprise even realizing it. 82% percent of the analyzed endpoints are running the version 6 series of Java, which has the most known reported vulnerabilities.
Enterprise should concern about these old versions, if these are not used in their business then they should use a security check.
Company's threat research team observed Java deployment statistics on approximately 1 million endpoints at hundreds of enterprises worldwide, and identified most of risks due to outdated versions of Java with many known vulnerabilities that remain widely deployed by many businesses.
Among the things discovered are that:
Most organizations has more than 50 versions of Java installed across all of its endpoints.
5 % of those enterprises have more than 100 versions of Java installed.
Most of the endpoints have multiple versions of Java installed, in part because the Java installation and update process often does not remove old versions.
Attackers can easily determine what versions of Java an enterprise is running and target the oldest, most vulnerable versions.
The popular version of Java running on more endpoints analyzed by Bit9 is version 6 update, which is present on 9 percent of all systems and has 96 known vulnerabilities of the highest severity.
And also Less than 1 percent of enterprises are running the latest version of Java.
“For the last 15 years or so, IT administrators have been under the misperception that updating Java would address its security issues."
They have been told that to improve security, they should continuously deploy Java updates on all of their endpoints. But in real they need to upgrade java not update, updating is not the same as upgrading. Until , those updates have failed to deliver the promised security upgrade because they have not removed older, highly intensed or vulnerable versions of Java they were intended to replace.
The company also found that it is fairly easy for attackers to target older versions of Java without the enterprise even realizing it. 82% percent of the analyzed endpoints are running the version 6 series of Java, which has the most known reported vulnerabilities.
Enterprise should concern about these old versions, if these are not used in their business then they should use a security check.
Best MCA
ReplyDeletecolleges in noida
Best MSC IT
colleges in noida
Best M
TECH colleges in noida