Experts Say There Is No Safe Browser - 9-, 2006 – 27: 0
While Internet Explorer remains the most frequently targeted browser, accounting for 47 percent of all attacks, in the first six months of this year more vulnerabilities have appeared in Mozilla Firefox than within IE.
Whether you are using Firefox or Internet Explorer, Maxthon or Opera, there is no "safe" browser. This statement comes from Symantec as part of its twice-yearly Internet Security Threat Report, which showed attackers were no longer primarly focusing on Internet Explorer.
While Internet Explorer remains the most frequently targeted browser, accounting for 47 percent of all attacks, in the first six months of this year more vulnerabilities have appeared in Mozilla Firefox than within IE. 47 flaws were discovered in Firefox, compared with 38 for IE.
"In order to protect against Web browser attacks, Symantec advises users and administrators to upgrade all browsers to the latest, patched versions," Symantec recommended.
Even Apple was not immune to security issues, with 12 vulnerabilities found during the report's period. In addition, some issues affected multiple browsers, which Symantec said comprised 31 percent of all attacks during the period.
While much could be made of Mozilla's rise to the top of reported flaws, it is normally the quickest in providing patches. Whereas Firefox flaws are patched in an average of one day after public disclosure, it takes Microsoft nine days. Opera was second fastest at two days, and Apple third at five days.
Besides the browser findings, Symantec also reported on other malware trends. The overall number of computer flaws rose to 2,249, up 18 percent from the second half of last year. This was a record for vulnerabilities discovered, said Symantec. Most of them -- 69 percent -- were Web-based issues.
In malicious code, Symantec found that five of the top ten new malicious code families were of the Trojan horse type. Malicious code was also going for personal information more frequently, with 30 of the top 50 code samples exposing data such as social security and credit card numbers.
Finally, among phishing and spam risks, the company said it had detected 157,477 unique phishing messages, a staggering 81 percent increase over last period. In addition, for the second time in Symantec's survey, spam comprised a majority of e-mail traffic at 54 percent.
By Ed Oswald, BetaNews