79% percent of the time, third-party libraries are never updated by developers after being included in a codebase – despite the fact that more than two thirds of fixes are minor and non-disruptive to the functionality of even the most complex software applications, Veracode research reveals. Open source libraries constantly evolve so what appears secure today may no longer be so tomorrow, potentially creating a significant security risk for software vendors and users.

Read full article on Help Net Security