One of the most important problems for our devices is that they have security flaws. There are many vulnerabilities that can affect the system, the applications we use or any driver. However, on many occasions we do not fix them and that means that a hacker can take advantage of it. In this article we show how 4.5 million devices have vulnerabilities and how they could be exploited.
This is an investigation carried out by Rezilion. They have found that there are more than 4.5 million devices connected to the Internet that are vulnerable. This is a major problem, since all of them are exposed to possible attacks that will compromise the proper functioning, privacy, and security of users.
But how did we get to this situation? Specifically, they are devices that have some vulnerability detected between 2010 and 2020. That is, they have had plenty of time to correct them. But the most remarkable thing is that a large part of all these security flaws have been exploited in the last month. This means that they are vulnerabilities that are actually exploited by cybercriminals.
They assure that one of the main problems is the time that passes between the development of patches and the installation of the users. In many cases, developers send updates to fix vulnerabilities, but users take too long to install them or never install them at all.
This report highlights some of the most important vulnerabilities you should be aware of:
- CVE-2012-1823: Flaw affecting remote execution of PHP CGI code. It has been around for 10 years and affects half a million web applications.
- CVE-2014-0160: it is a bug that affects about 228,000 systems connected to the Internet and has been present for 8 years.
- CVE-2015-1635 – This Microsoft HTTP.sys remote code execution vulnerability is almost 8 years old.
How to avoid these problems
So what can we do to avoid falling victim to these vulnerabilities that affect millions of devices? How can we know if our devices are affected? Basically what you need to do is make sure you have all the patches installed. Having the latest versions means that you have possible updates installed that correct bugs.
Therefore, make sure to update the system. You should also apply the same thing we say to any program you have installed. For example browsers like Chrome, Microsoft Office or any application you use in your day to day. Always have the latest versions and this will allow you to make them work correctly, without errors. In short, as you can see there are millions of computers connected to the Internet with security flaws. There are scanners to detect vulnerabilities and hackers can use them to get to you. Always update the systems and have the latest versions available.
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.