Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Symantec: Mozilla browsers more vulnerable than IE
ZDNet News ^ | 9/19/2005 | Tom Espiner

Posted on 09/19/2005 7:01:42 PM PDT by Incorrigible

Symantec: Mozilla browsers more vulnerable than IE

Mozilla Web browsers are potentially more vulnerable to attack than Microsoft's Internet Explorer, according to a Symantec report. But the report, released Monday, also found that hackers are still focusing their efforts on IE.

The open-source Mozilla Foundation browsers, such as the popular Firefox, have typically been seen as more secure than IE, which has suffered many security problems in the past. Mitchell Baker, president of the foundation, said earlier this year that its browsers were fundamentally more secure than IE. She also predicted that Mozilla Foundation browsers would not face as many problems as IE, even as their market share grows.

Symantec's Internet Security Threat Report Volume VIII contains data for the first six months of this year that may contradict this perception.

According to the report, 25 vendor-confirmed vulnerabilities were disclosed for the Mozilla browsers during the first half of 2005, "the most of any browser studied," the report's authors stated. Eighteen of these flaws were classified as high severity.

"During the same period, 13 vendor-confirmed vulnerabilities were disclosed for IE, eight of which were high severity," the report noted.

The average severity rating of the vulnerabilities associated with both IE and Mozilla browsers in this period was classified as "high", which Symantec defined as "resulting in a compromise of the entire system if exploited."

The Mozilla Foundation did not immediately respond to requests for comment.

Symantec reported that the gap between vulnerabilities being reported and exploit code being released has dropped to six days on average. However, it's not clear from the report how quickly Microsoft and Mozilla released patches for their respective vulnerabilities, or how many of the vulnerabilities were targeted by hackers, though Microsoft generally releases patches only on a monthly basis.

Symantec admitted that "at the time of writing, no widespread exploitation of any browser except Microsoft Internet Explorer has occurred," but added that it "expects this to change as alternative browsers become increasingly widely deployed."

There is one caveat: Symantec counts only those security flaws that have been confirmed by the vendor. According to security monitoring company Secunia, there are 19 security issues that Microsoft still has to deal with for Internet Explorer, while there are only three for Firefox.

The report also highlighted a trend away from the focus of security being on "servers, firewalls, and other systems with external exposure." Instead, "client-side systems--primarily end-user systems--(are) becoming increasingly prominent targets of malicious activity."

Web browser vulnerabilities are becoming a preferred entry point into systems, the report stated. It also highlighted the trend of hackers operating for financial gain rather than recognition, increased potential exposure of confidential information, and a "dramatic increase in malicious code variants".

Tom Espiner of ZDNet UK reported from London. CNET News.com's Joris Evers contributed to this report.

Not for commercial use.  For educational and discussion purposes only.


TOPICS: Business/Economy
KEYWORDS: firefox; mozilla; propaganda
Navigation: use the links below to view more comments.
first previous 1-20 ... 41-6061-8081-100 ... 261-264 next last
To: N3WBI3
But a few minutes ago that was not your argument you said they only had a couple of years when in fact the engine is older than that of ie.

Not true, I said FireFox was only a few years old.   I never mentioned the engine.  The mozilla engine pretty much sat there being ignored after Netscape sank into oblivion, until FF became popular recently and now the hackers are taking notice and the risks are going to become more frequent and more severe .. of course, that's just my opinion, as you pointed out earlier.

61 posted on 09/19/2005 8:12:55 PM PDT by softwarecreator (Facts are to liberals as holy water is to vampires.)
[ Post Reply | Private Reply | To 56 | View Replies]

To: Incorrigible

DEMZILLA

62 posted on 09/19/2005 8:13:21 PM PDT by Golden Eagle
[ Post Reply | Private Reply | To 57 | View Replies]

To: Incorrigible
afraid Janet Reno was going to send tanks

LOL!  And please include Bubba Clinton in that scenario ... he always has the women take the fall for his decisions!

63 posted on 09/19/2005 8:14:32 PM PDT by softwarecreator (Facts are to liberals as holy water is to vampires.)
[ Post Reply | Private Reply | To 59 | View Replies]

To: Incorrigible
Sounds OK to me!

I second that!

64 posted on 09/19/2005 8:15:07 PM PDT by softwarecreator (Facts are to liberals as holy water is to vampires.)
[ Post Reply | Private Reply | To 60 | View Replies]

To: N3WBI3
Soon, all your browsers are belong to us!

AOL'S TIME IS UP (Microsoft in talks to buy AOL)

 

65 posted on 09/19/2005 8:15:37 PM PDT by Incorrigible (If I lead, follow me; If I pause, push me; If I retreat, kill me.)
[ Post Reply | Private Reply | To 56 | View Replies]

To: Incorrigible
AOL'S TIME IS UP (Microsoft in talks to buy AOL)

MUWAHAHAHA ... soon we'll control the world!!!  

66 posted on 09/19/2005 8:17:27 PM PDT by softwarecreator (Facts are to liberals as holy water is to vampires.)
[ Post Reply | Private Reply | To 65 | View Replies]

To: Golden Eagle

Hahahaha ... for a second I thought that link was to a new browser called Demzilla!!


67 posted on 09/19/2005 8:18:59 PM PDT by softwarecreator (Facts are to liberals as holy water is to vampires.)
[ Post Reply | Private Reply | To 62 | View Replies]

To: Incorrigible
"During the same period, 13 vendor-confirmed vulnerabilities were disclosed for IE...

The keyword being "disclosed". M$ isn't exactly open about their vulnerabilities. Mozilla isn't trying to sell you anything, so they aren't concerned about losing market share by alerting users to a problem.

68 posted on 09/19/2005 8:19:13 PM PDT by shadowman99
[ Post Reply | Private Reply | To 1 | View Replies]

To: Incorrigible
What makes you think I give a fat rats behind about AOL? Thank goodness MS is buying them, I just don't know which company to feel sorry for but Ill enjoy figuring it out over the next few years..

MS makes money, good for them. I hope they continue to do well, lord know 2K, 2k3, and 2k5 were huge steps in the right direction. Im glad to see them use DNS and join the rest of us in the early 90's.. Seriously though I have no issues with 2k3, nice OS... Just not my favorite..

69 posted on 09/19/2005 8:19:58 PM PDT by N3WBI3 (If SCO wants to go fishing they should buy a permit and find a lake like the rest of us..)
[ Post Reply | Private Reply | To 65 | View Replies]

Comment #70 Removed by Moderator

To: corkoman

Try clicking on the post number of that one or the one before it.

It should refresh and put you back at that post.


71 posted on 09/19/2005 8:20:13 PM PDT by eyespysomething ("The Constitution is the court's taskmaster and it's Congress' taskmaster as well" John G. Roberts)
[ Post Reply | Private Reply | To 8 | View Replies]

To: softwarecreator
BTW, you guys see this:

http://minimsft.blogspot.com/

Let's slim down Microsoft into a lean, mean, efficient customer pleasing profit making machine! Mini-Microsoft, Mini-Microsoft, lean-and-mean!

 

72 posted on 09/19/2005 8:20:46 PM PDT by Incorrigible (If I lead, follow me; If I pause, push me; If I retreat, kill me.)
[ Post Reply | Private Reply | To 64 | View Replies]

To: don-o
Why would you want to refresh in the middle of reading a thread?

If you are reading an active thread and get to the end, you click on the refresh button to see all the latest replies. When you do that it goes to the end of the thread and you have to scroll up to the last one you read.

Get it?

73 posted on 09/19/2005 8:21:16 PM PDT by It's me
[ Post Reply | Private Reply | To 38 | View Replies]

To: SteveMcKing
Coincidentally, Symantic is in the business of selling software that's largely based on false perception of vulnerability when good administrative network practices would suffice.

Exactly.

I don't run any antivirus software, and I've never had a virus. I run Windows. It's just a matter of using a little common sense and a half-decent external firewall. Antivirus software is a security blanket for the clueless.

74 posted on 09/19/2005 8:21:32 PM PDT by cynwoody
[ Post Reply | Private Reply | To 7 | View Replies]

Comment #75 Removed by Moderator

To: Jokelahoma
The ass clowns who write spyware, trojans, worms, etc. aren't going to write it for an OS or application that about 6 people use.

There have been viruses for cellphones with a user base of less than 100K

That's not the way to get recognition from your homies.

Hmm write a virus for windows which happens about every 6-10 months or write a Linux virus which happens far less often and could cripple Google, Amazon, and a ton of other big name site. Better yet write one for Mac and be the first.. which do you think would get more 'props'.

76 posted on 09/19/2005 8:24:22 PM PDT by N3WBI3 (If SCO wants to go fishing they should buy a permit and find a lake like the rest of us..)
[ Post Reply | Private Reply | To 70 | View Replies]

To: Golden Eagle

Huh?

You want a real party member? Try YHOO. Remember what old Vlad said about capitalists and rope!

77 posted on 09/19/2005 8:27:58 PM PDT by cynwoody
[ Post Reply | Private Reply | To 46 | View Replies]

To: Incorrigible
Let's slim down Microsoft into a lean, mean, efficient customer pleasing profit making machine!

They are a bit bloated, that's for sure.  Somehow this sounds like permanent layoffs are coming.  And to think I almost came thisclose to going to work for them.

78 posted on 09/19/2005 8:28:48 PM PDT by softwarecreator (Facts are to liberals as holy water is to vampires.)
[ Post Reply | Private Reply | To 72 | View Replies]

To: eyespysomething
Try clicking on the post number of that one or the one before it. It should refresh and put you back at that post.

We Got A WINNER!!!!

Tanks - never would have tried that.

79 posted on 09/19/2005 8:29:27 PM PDT by corkoman (Overhyped)
[ Post Reply | Private Reply | To 71 | View Replies]

To: N3WBI3
which do you think would get more 'props'.

The one that knocks out more businesses, which would be Microsoft-based.

Of course there are those who write for the lesser used OS. I'm sure there's an O/S2 virus out there somewhere. But I'll restate what I said before. Popularity breeds contempt, especially in the IT world.

80 posted on 09/19/2005 8:31:33 PM PDT by Jokelahoma (Animal testing is a bad idea. They get all nervous and give wrong answers.)
[ Post Reply | Private Reply | To 76 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-20 ... 41-6061-8081-100 ... 261-264 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson