Endpoint security vendor Bit9 has identified 15 popular applications it claims have well known vulnerabilities that pose a threat to enterprises.
The five applications that top Bit9's compiled list include Mozilla Firefox 1.0.7, Apple iTunes 6.02 and QuickTime 7.0.3, Skype 1.4, Adobe Acrobat 7.04/6.03, and Sun Java Run-Time Environment 5.0 update 3 and 1.4.2_6.
"Users just love to download applications," said Brian Gladstein, product marketing manager at Bit9. "There is no mechanism to secure these... certain versions of Firefox are very vulnerable, for example."
Even though Firefox may offer upgrades and patches, there is no way to ensure users have done that, he added.
Gladstein said that the company had compiled the list based on customer information. "These applications scored between 7 and 10 on the US-based National Vulnerability Database, so they are severe," he warned.
"These popular software applications are frequently downloaded to corporate desktops and can present serious risks for enterprise computing environments," said Dr. Todd Brennan, co-founder and CTO at Bit9.
"Understanding what software is actually running in your organization across your entire desktop environment is the first step in regaining application control and protecting your corporate infrastructure."
The company offers endpoint security solutions like Bit9 Parity and Bit9 ParityCenter that identify new unknown software, and block unwanted applications and spyware.