See Resources

Exploits Against Obsolete Software

When obsolete software is detected on a scanned system, Qualys reports a high severity vulnerability. Software vendors either provide no patches for obsolete software, which clearly increases security risk over time. Or, software vendors provide private patches only to their customers with special support agreements, and Qualys does not have access to analyze private patches for vulnerabilities. It is therefore a best practice always to upgrade obsolete software as soon as possible.

To help demonstrate the risk of obsolete software, the Qualys Vulnerability Research Team periodically evaluates prevalent or important publicly available exploits against obsolete operating systems and software packages to determine if they are vulnerable. When an obsolete version is found to be vulnerable to an exploit, this information is integrated into the vulnerability detection to improve the accuracy and coverage of the detection. Findings from the Qualys Vulnerability Research Team are published below.

Email or call us at +1 800 745 4355 or try our Global Contacts
Subscription Packages
Qualys Solutions
Qualys Community
Free Trial & Tools
Popular Topics