The highest level of risk is due to users who have not yet applied the security update on QuickaTime. According to an analysis of more than 350,000 systems conducted in the last six months using Secunia’s free utility, Software Inspector, 33.1 percent of all QuickTime 7 installations had not applied available updates.
Compared to QuickTime, Internet Explorer 6 and Firefox are security models, according to Secunia. Only 9.6 percent of IE6 installations lacked any of the necessary security updates, while this figure dropped to 5.2 percent for Firefox.
This disparity is difficult to understand. Users know that browsers frequently have certain security holes, and therefore update them (especially in Microsoft products). However, the information from Secunia shows that beyond the operating system or the browsers, users do not usually apply security patches to the rest of the components as often as desired.
Part of the problem may be due to the fact that many applications lack automatic update mechanisms, leaving this task in the hands of users who must first recognize the seriousness of a particular vulnerability, to download and install the appropriate update later.
