
The 5 biggest dangers of unpatched and unused software


Unpatched and unused software present some of the largest dangers to organizations we’ve ever seen.

From breaches at companies like Equifax to worldwide malware attacks like WannaCry, companies around the globe have experienced a security wake-up call.
We spent over $80 billion last year on security technologies, with an organization (of 1,000+ employees) spending an average of $15 million a year attempting to keep their business safe. This amount is a startling rise in spending, which points to only one conclusion: the security issues are getting more intense and the tools to protect a company aren’t doing their job.

Often, the thought of unused software doesn’t cross the mind of the decision makers within the business.

But it should. There are dangers lurking beneath these idle applications and it’s important for the organization to understand what they are and why it’s a problem to keep out-of-date or out-of-use software cluttering the proverbial shelves of the business.

Here are the five biggest dangers that unused software poses to your organization:

  1. Unused software doesn’t get added to the inventory, positioning the business to be compromised
    A good SAM (Software Asset Management) tool provides the team with clarity, which effectively reduces possible vulnerabilities from rogue applications. An up-to-date software inventory is a must. Without one, employees are stranded. How are they supposed to know if the software they want is authorized for download?
  2. It’s expensive and companies are losing valuable dollars
    In 2016, the US wasted over $30 billion on unused software, causing companies to overspend. Because of the communication gap between the decision makers, software that’s not needed accumulates, and more and more dollars go to maintaining something that’s being misused or not used at all. You should treat software as an asset and invest wisely.
  3. Noncompliance is a nightmare
    If your software isn’t maintained or compliant, you’re going to have issues with vendors. Organizations can take advantage of licenses, risking software re-harvesting. Going through an audit is a painstaking process and will force you to lose valuable productivity hours.
  4. Security breaches will run rampant on you
    Unused software is like an open door to malware. Malware can walk right in and attack your infrastructure from within. Easily.
  5. Productivity diminishes
    Who’s actually using the software within your business? What are they doing with it? If you don’t know the answers to these questions for every piece of software, it’s time to re-evaluate the renewal. Your users might be struggling with the required software and ultimately stop using it altogether.


The goal for your organization this year should be to get a clean slate.

Understand what your IT infrastructure looks like and then do something to enact appropriate changes. Stop wasting money and start spending smarter. Unpatched software is just as detrimental to an organization as unused software. Most organizations target a 90% patch success rate, which is good, but not good enough. That leftover 10% is an open door for hackers to waltz right in.

A survey by the Ponemon Institute showed that close to 60% of breaches over the past two years were attributable to unpatched software.

What’s even scarier is that 34% of companies knew about the vulnerability in advance of the attack. They simply didn’t get around to dealing with the problem.
Earlier I mentioned the Equifax breach. Their team knew about the security hole and didn’t even begin to patch it for a full two months. Over 148 million records were exposed because of this silly mistake. It’s still one of the biggest security breaches to date.
Don’t let your business join the list of unpatched software horror stories.

Here are the five biggest issues that unpatched software can cause to your organization:

      1. Bad Reputation (and no, we aren’t referencing Taylor Swift)
        Even companies that disclose their issues in a timely manner still lose a large portion of their business from having the vulnerability in the first place. As we already learned, 34% of businesses affected already knew about the security problem and simply ignored it.
      2. High penetration rates, especially on Windows 7 or 8
        Organizations still relying on an older OS have the highest penetration rate, reaching over 87%. Patching is especially important to complete as soon as possible. Hackers already have a ton of ways to exploit these systems.
      3. Time and time again
        Most organizations don’t want to take the time to patch software. It can take months to recover if exploited. Most Windows client patches are installed automatically through Windows Update.
      4. Security breaches will run rampant on you
        Unpatched software is an open door to malware, just like unused software is. If you don’t keep your software up-to-date with fixes, hackers will abuse the outdated versions to infiltrate your system.
      5. No more apps mean unhappy employees
        According to the SANS Institute, applications, and not your OS, are the worst offenders for not being patched. Because of this, businesses are less likely to let employees download and use the software of their choice. If your employees don’t have the apps they like, they’re less likely to be productive and happy at work.

This infographic will show a visual breakdown of some of the worst security breaches from unpatched software. You definitely don’t want to end up on this list.
Now that you see the bigger picture related to unused and unpatched software, don’t you think it’s time to do some new year’s cleaning?

