The Security Detail

Feb 27 2011   9:59AM GMT

Is Your Browser Secure? I Doubt It



Posted by: Tony Bradley
Tags:
browser security
plug-ins
Qualys
vulnerabilities
Web browsers

The various browser vendors continue to enhance the security in the browser with each new release. For example, Internet Explorer 9 is significantly more secure than Internet Explorer 6. But, even if you are using the latest version of your chosen Web browser and you have kept it patched and up to date, there is still only a one-in-five chance that your browser is secure.

A study conducted by Qualys found that 80 percent of Web browsers have holes. Or, as InformationWeek phrases it, “Roughly 80 percent of browsers today are insecure, owing to their having a known vulnerability either in the browser itself, or due to a vulnerable plug-in, such as an outdated version of Shockwave, Flash, the Java runtime environment, or QuickTime.”

The article goes on to state that more than half of the vulnerabilities stem from plug-ins, adding, “The most common insecure browser plug-ins in use are (in order): Java, Adobe Reader, QuickTime, Flash, Shockwave, and Windows Media Player. Many of these plug-ins are widespread–97 percent of computers have the Adobe Flash plug-in installed, and 95 percent have one for Windows Media Player.”

The problem is that the browsers generally have an automatic update feature of some sort, and users are pretty good about keeping the browser up to date, but forget about the plug-ins. Even with updated plug-ins, though, there are still known vulnerabilities that remain exposed in the browsers themselves as well.

You can employ third-party tools like Invincea Browser Protection for an extra layer of defense, or just exercise extreme caution when surfing the Web. Rather than treating your Web surfing like you are strolling through your own back yard with an armed security escort, think of it like you got lost on the wrong side of town, your cell phone battery is dead, and you are trying to navigate dark alleys at night to make it safely home.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: