A research has found that as many as 8 in 10 web browsers are vulnerable to hackers and criminals because they are not kept up-to-date.
The vast majority of users are not following the basic precaution of installing patches for known security holes, making them a relatively easy prey for identity thieves and other attackers, reports the Telegraph.
The finding comes immediately after the government estimated that cyber crime costs consumers 3.1bn pounds per year, out of a total cost to the economy of 27bn pounds. Businesses bear a 17bn pounds cost, the Cabinet Office said.
Exluding plug-ins, the security picture for browsers including Chrome, Firefox, Internet Explorer, Opera and Safari, and is less bleak. Only 25 per cent of those tested in January had unpatched vulnerabilities. This is because they are typically automatically updated, Qualys said. at the RSA ecurity conference in San Francisco.
But plug-ins, software add-ons which serve up many of the web's advanced features such as video and interactivity, are very often not automatically updated and leave users exposed.
The softest target is Oracle's Java plug-in, which was vulnerable to hacking on more than 40 per cent of the machines scanned. Adobe's Reader plug-in, which allows users to view PDF documents inside the browser window, is second, with around 32 per cent of installations in need of security updates.
Apple's Quicktime media player plug-in meanwhile has unpatched vulnerabilities on 25 per cent of machines.
The research was presented at the RSA security conference in San Francisco.