Vulnerabilities in Cybersecurity Software - 20% Fail Rate
Basically, one in five enterprise security tools doesn't work properly, leaving businesses open to attacks.
A new report reveals that enterprise cybersecurity software fails 20% of the time, exposing organizations to serious risks. With poor patch management and outdated systems, businesses are vulnerable to cyber threats. Urgent action is needed to improve security practices and protect sensitive data.
The Flaw
Recent research by Absolute Security has revealed a troubling statistic: 20% of enterprise cybersecurity software fails to protect devices. This means that organizations are potentially exposing themselves to cyber threats for about 76 days each year. The findings come from the 2026 Resilience Risk Index, which analyzed device-level telemetry across millions of endpoints. The report emphasizes that while innovations in cybersecurity are rapidly advancing, the reliability of these tools is lagging behind.
What's at Risk
The failure of cybersecurity software puts organizations at significant risk. With 24% of endpoint vulnerability management platforms operating outside of compliance, many enterprises are using software that is known to be vulnerable. This situation is exacerbated by slow patch management, where critical updates for systems like Microsoft Windows are delayed by an average of 127 days. Such delays increase the window of opportunity for attackers, leading to potential data breaches and operational downtime.
Patch Status
The report highlights a concerning trend: nearly 10% of enterprise endpoints are permanently unpatched. This is particularly alarming for organizations still using Windows 10, which has been out of support since October 2025. The lack of timely updates creates vulnerabilities that are difficult, if not impossible, to remediate. As the complexity of IT environments grows, organizations must prioritize effective patch management to safeguard their networks.
Immediate Actions
To combat these vulnerabilities, organizations must enforce strict policies around patch management. It is no longer sufficient to simply apply updates; organizations must ensure they can implement changes across all endpoints swiftly. This proactive approach is crucial as the role of endpoints continues to evolve in modern enterprise environments. As Christy Wyatt, CEO of Absolute Security, stated, "Cyber-attacks are inevitable, downtime is optional." By addressing these issues head-on, organizations can better protect themselves from the ever-present threat of cyber-attacks.
Infosecurity Magazine