A study conducted by Spiceworks found over two-thirds of organizations are running unsupported versions of Microsoft Office software, exposing them to potential cyber-attacks.

1,100 IT pros in the US, Canada, and the UK were polled and an overwhelming 68% admitted to still running some instances of Office 2007, even though support ended for this version in October 2016. Even worse? 46% admitted to running Office 2003; 21% Office 200; 15% Office XP (2002 Version); and even 3% claim to still be running Office 97.

It was concluded that mid-sized firms (100-1,000 employees) were more likely to run Office 2007, while larger organizations usually have more funds to keep up to date with the latest software.

According to the National Cyber Security Centre, outdated software creates two major issues from a security perspective:

1. The software will no longer receive security updates from developers, increasing the likelihood that exploitable vulnerabilities will become known to attacks

2. The latest security mitigations are not present in older software, increasing the impact of vulnerability, making exploitation more likely to succeed, and making detection of any exploit more difficult

It’s hard to believe after the recent WannaCry and NotPetya ransomware attacks that these many organizations continue to run outdated software knowing the risks they face. The WannaCry ransomware attack infected over 230,000 victims in more than 150 countries, as the ransomware was designed to ‘worm’ around networks, infecting all vulnerable systems on the network.  

As mentioned earlier, the problem with running outdated software is not just the lack of new features or improved functionality, it’s the known and exploitable vulnerabilities found within them. This problem can be even worse if found operating in a corporate IT environment, then you are posing a risk to the entire network.

 

Read this article in InfoSecurity Magazine

 

 

 

 

 

NNT Products
USA Offices
New Net Technologies LLC
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
201 17th Street, Suite 300
Atlanta, Georgia, 30363.

Tel: 1-888-898-0674
email [email protected]
UK Office
New Net Technologies LLC
Rivers Lodge
West Common
Harpenden
Hertfordshire
AL5 2JN

Tel: 01582 287310
email [email protected]
Connect
Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
CIS benchmarking SEWP Cybersecurity 500 Sans Institute
Copyright 2017, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.