Brian Krebs at the Washington Post “reports”:http://blog.washingtonpost.com/securityfix/2008/07/40_percent_of_web_users_surf_w_1.html on a “study”:http://blog.washingtonpost.com/securityfix/paper-insecurity-iceberg.pdf that found that 40% of Google users do not have all the latest security updates for their web browser. This means they’re susceptible to a broader range of drive-by download and other web-based attacks.
Google users may not be globally representative of the Internet using population, as we know that 60% of users in China use a search engine other than Google. However, it certainly represents a large portion of the Internet-using public.
Another finding was that Firefox users are the most likely, and IE users the least likely, to have an updated browser:
bq. The report concluded that Firefox users were more likely to be using the latest version because Mozilla’s patch process is the quickest and most painless (no arguments there). Firefox downloads updates automatically and prompts the user to install them immediately.
