Security company Imperva says that almost all companies have internal databases with known vulnerabilities.
The average vulnerable database has 26 publicly disclosed flaws.
More than half of them are rated critical or high severity.
They collected this data over the past FIVE YEARS.
While being internal does make a database slightly harder for hackers to reach, all it takes is one infected computer somewhere on the network and poof.
They say that many of the unpatched bugs are more than three years old.
Once the hackers are able to detect that a database is vulnerable, there are many ways to get free code to exploit it.
Different countries deal with this differently. France won the gold medal for most vulnerabilities, with 84% of its databases having at least one vulnerability and the average vulnerable database having 72 bugs. The US did better. Only – repeat only – 39% of the databases had at least one vulnerability and the average was 25 bugs.
Better check your patching protocol. Credit: Dark Reading