Daily Talk Forum
  • Advertise
  • Search
  • Member List
  • Calendar
Hello There, Guest! Login Register
Daily Talk Forum › General Discussions › Technology, Computers and the Internet v
« Previous 1 ... 36 37 38 39 40 41 Next »

Browsers are the target of choice for hackers



Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Threaded Mode | Linear Mode
Browsers are the target of choice for hackers
forwardone Offline
Gold Member
*****
Gold Members

Posts: 6,705
Joined: May 2006
Reputation: 15
Post: #1
Browsers are the target of choice for hackers

Firefox Buggier, But IE Takes 9 Times Longer to Patch


Symantec's bi-annual Internet threat report shows vulnerabilities for IE, Firefox, and Safari have increased in the last six months.


By Gregg Keizer
TechWeb

Sep 25, 2006 03:42 PM

Browsers are the target of choice for hackers, Symantec said Monday in its bi-annual Internet threat report, which backed that up with data showing vulnerabilities for IE, Firefox, and Safari have increased in the last six months.

According to Symantec's Internet Security Threat Report, which was released Monday, 7 out of every 10 new vulnerabilities uncovered from January through June were bugs in Web applications. That's not good news, said Symantec, especially since the total number of vulnerabilities found in the six-month period hit 2,249, an 18 percent jump over the second half of 2005.

"The high number is due in part to the popularity of Web applications and to the relative ease of discovering vulnerabilities in Web applications compared to other platforms," went the report.

Bugs in browsers are the most significant of those Web application vulnerabilities. Here, too, the first half of 2006 was bad news for users, said Vincent Weafer, senior director of the Cupertino, Calif. security company's response team.

"The increase in vulnerabilities is a sign that attackers are targeting home and small business [users] through Web browsers," said Weafer.

Microsoft's Internet Explorer was pegged with 38 new vulnerabilities, a 52 percent increase over the previous period's 25 publicly-reported flaws. Apple's Safari sported an even dozen, a 100 percent jump over the 6 in the latter half of 2005.

But Mozilla's open-source browsers -- Firefox and the once flagship Mozilla -- took the new bug prize by Symantec's tally: 47 vulnerabilities in the first half of 2006, a 276 percent increase over the 17 disclosed during the July-December 2005 period. Mozilla Corp. released four security updates to its production edition of Firefox, v. 1.5, to fix those flaws.

Symantec has taken heat from Mozilla and its users for simply counting up the number of vulnerabilities. Weafer acknowledged that by pointing out that the attacks aimed at IE outnumbered those targeting Mozilla's browsers by more than 2 to 1.

"The lion's share of the attacks were against Internet Explorer," said Weafer.

Of all the attacks conducted against browsers, those that targeted IE were the largest: 47 percent the whole, said Symantec. Mozilla's browsers, meanwhile, were the target of 20 percent of the six months' attacks.

"That's not surprising, considering the sheer volume of [IE] users," added Weafer.

The second-largest target was dubbed "Multiple Browsers" by the report. "Some attacks target vulnerabilities that are present in more than one Web browser," stated the report. In June, for example, a JavaScript flaw in both IE and Firefox was noted by Symantec.

Weafer also noted that the open-source browser had a decided advantage over Microsoft's on a time-to-patch criteria. Firefox rivals such IE, Safari, and Opera were patched considerably faster in the first half of 2006 than they were in the last half of 2005, but Mozilla's beat them all. IE, for instance, had an average window of exposure, the time between an exploit appearing and a fix released, of 9 days, while Mozilla patched in 1 day. (Safari's window was 5 days, Opera's was 2.)

That news should make Mozilla Corp.'s new security chief, Window Snyder, happy. In an interview two weeks ago, Snyder argued that counting up the number of days users were vulnerable was a fairer comparison than tallying raw numbers of flaws. "Just counting up the bugs is not a good measure of how secure an application is," she said then.

Symantec's report can be downloaded in PDF format from the company's Web site.

Source:- Informationweek.com
09-26-2006 11:32 AM
Find all posts by this user Quote this message in a reply


« Next Oldest | Next Newest »
Post Reply 


Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  Major websites hijacked by Turkish hackers forwardone 0 1,154 09-05-2011 01:00 PM
Last Post: forwardone
  Fighting pop-up ads with browsers cyrano 0 902 03-08-2009 07:46 AM
Last Post: cyrano
  Review: Updated Zunes, iPods make choice harder cyrano 0 1,592 09-20-2008 07:09 AM
Last Post: cyrano
  Handsets Next Target for 'Bad Guys' cyrano 0 814 04-28-2008 06:58 AM
Last Post: cyrano
  Report: 90% of Web Sites Vulnerable to Hackers cyrano 0 704 03-31-2008 07:58 AM
Last Post: cyrano

  • View a Printable Version
  • Send this Thread to a Friend
  • Subscribe to this thread
Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Advertise on Daily Talk Forum
  • Webmaster Forum
  • cPanel Hosting
  • SEO Directory
  • Toronto
    • Contact Us
    • Daily Talk Forum
    • Return to Top
    • Lite (Archive) Mode
    • RSS Syndication
    • Help
    • Portal
    • Membership
    • Advertise
    • Banners
    • Privacy
    • Rules

    • Review DTF at Alexa
    • Review DTF at Nortons
    • Site Map

    • Links
    • Your Link Here
    Current time: 02-27-2021, 11:07 AM Powered By MyBB, © 2002-2021 MyBB Group Theme created by Justin S