Unpatched Software

Threat Areas: Integrity
General Likelihood: High

Description

Unpatched software is a security threat because it can contain vulnerabilities that have not yet been addressed by the software vendor. These vulnerabilities can be exploited by attackers to gain unauthorized access to systems, steal sensitive information, or disrupt operations.

Here are some specific ways in which unpatched software can pose a threat:

  • Data breaches: Unpatched software can make it easier for attackers to gain access to sensitive data, such as login credentials, financial information, or confidential business documents. This can lead to financial losses, damage to an organization's reputation, and legal consequences.
  • System compromise: Unpatched software can also make it easier for attackers to gain access to and compromise systems, such as servers or databases. Once in, they may install malware, modify system settings, or delete critical data.
  • Network disruption: Unpatched software can also be exploited to disrupt the operation of networks, for example by launching denial-of-service attacks or by spreading to other systems on the network. This can lead to operational disruptions and lost productivity.

Assessment

Mitigations

To protect against these types of threats, it is important for individuals and organizations to ensure that all software is kept up to date with the latest patches and updates. This includes both operating systems and applications. It is also a good idea to set up automatic updates to ensure that software is patched as soon as updates are available. By following these steps, individuals and organizations can significantly reduce the risk of unpatched software being exploited by attackers.
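Automatic updates still need verification that they were actually applied. The following added example (not part of the original page) audits a software inventory against the minimum patched version of each package; the package names, versions, dates and the 30-day patch window are constructed assumptions. Versions are compared numerically, because a plain string comparison ranks "2.4.9" above "2.4.10" and would hide an unpatched host.

```python
from datetime import date

# Constructed sample data: package names, versions and dates are illustrative only.
# Maps package -> (minimum fixed version, date the vendor released that fix).
FIXED = {
    "examplehttpd": ("2.4.10", date(2024, 3, 1)),
    "examplelib":   ("1.0.12", date(2024, 5, 20)),
}
INVENTORY = [
    {"host": "web01", "package": "examplehttpd", "version": "2.4.9"},
    {"host": "web02", "package": "examplehttpd", "version": "2.4.10"},
    {"host": "app01", "package": "examplelib",   "version": "1.0.9"},
    {"host": "app02", "package": "examplelib",   "version": "1.1.0"},
    {"host": "db01",  "package": "exampledb",    "version": "9.2"},
]

def parse_version(text):
    """Turn '2.4.10' into (2, 4, 10) so each part compares as a number."""
    return tuple(int(part) for part in text.split("."))

def audit(inventory, fixed, today, max_days=30):
    """Return one finding per install that is unpatched or has no baseline.

    max_days is an assumed patch window: a missing fix older than this
    is reported as 'overdue', a newer one as 'pending'.
    """
    findings = []
    for item in inventory:
        if item["package"] not in fixed:
            # No patch baseline known: report it rather than assume it is current.
            findings.append({**item, "status": "untracked"})
            continue
        min_version, released = fixed[item["package"]]
        if parse_version(item["version"]) >= parse_version(min_version):
            continue  # already at or above the fixed version
        days_exposed = (today - released).days
        findings.append({**item,
                         "status": "overdue" if days_exposed > max_days else "pending",
                         "fixed_in": min_version,
                         "days_exposed": days_exposed})
    return findings

if __name__ == "__main__":
    for finding in audit(INVENTORY, FIXED, today=date(2024, 6, 1)):
        print(finding)
```

Packages with no baseline entry are reported as "untracked" so that gaps in patch coverage are visible instead of silently passing.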

In the Wild

There have been many high-profile attacks that have been enabled by unpatched software. Here are a few examples:

  • WannaCry: The 2017 WannaCry ransomware attack exploited a vulnerability in Microsoft Windows that many organizations had not patched. The attack affected over 200,000 computers in 150 countries and demanded a ransom from victims to restore access to their files.
  • Equifax data breach: The 2017 data breach at credit reporting agency Equifax was also enabled by unpatched software. The attackers exploited a vulnerability in a web application that had not been patched, allowing them to access and steal the personal data of over 147 million people.
  • Target data breach: The 2013 data breach at retail giant Target was also enabled by unpatched software. The attackers gained access to the company's systems through a vendor's account and were able to steal the personal data of over 40 million customers.
  • SolarWinds supply chain attack: The 2020 SolarWinds supply chain attack was also enabled by unpatched software. The attackers gained access to the software company's systems through an unsecured network and installed malware on the systems, which was later used to target the company's customers.