Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×

80% of Browsers Found To Be At Risk of Attack 196

Posted by CmdrTaco from the zomg-we're-all-gonna-die dept.
CWmike writes "About eight out of every 10 Web browsers run by consumers are vulnerable to attack by exploits of already-patched bugs, a security expert said Thursday. The poor state of browser patching stunned Wolfgang Kandek, CTO of Qualys, which presented data from the company's free BrowserCheck service Wednesday at RSA. 'I really thought it would be lower,' Kandek said. BrowserCheck scans Windows, Mac and Linux machines for vulnerable browsers, as well as up to 18 browser plug-ins, from Adobe's Flash to Windows Media Player. When browsers and plug-ins are tabulated together, between 90% and 65% of all consumer systems scanned with BrowserCheck since June 2010 reported at least one out-of-date component. In January 2011, about 80% of the machines were vulnerable. The most likely plug-in to require a patch: same as last year, Oracle's Java."
This discussion has been archived. No new comments can be posted.

80% of Browsers Found To Be At Risk of Attack More

80% of Browsers Found To Be At Risk of Attack

Comments Filter:

  • Slashvertisement (Score:5, Insightful)

    by suso ( 153703 ) * on Thursday February 17, 2011 @02:02PM (#35234534) Journal

    Not getting enough hits? Slashvertisement can work for your company too. Call today!

  • I would have thought this closer to 100% (Score:4, Insightful)

    by mswhippingboy ( 754599 ) on Thursday February 17, 2011 @02:04PM (#35234562)
    Since new exploits are identified each day.

  • Re:I would have thought this closer to 100% (Score:5, Insightful)

    by SudoGhost ( 1779150 ) on Thursday February 17, 2011 @02:07PM (#35234612)
    I would have thought it closer to 100% since about 100% of browsers are used by people, which are the biggest security flaws in any system.

  • Updating Java (Score:5, Insightful)

    by Anonymous Coward on Thursday February 17, 2011 @02:12PM (#35234692)

    Perhaps people would be more keen to update their Java version if the installer didn't keep trying to spring a surprise 'Install Yahoo! Toolbar' move on them on EVERY patch.

  • Java, obvious (Score:4, Insightful)

    by Bobfrankly1 ( 1043848 ) on Thursday February 17, 2011 @02:14PM (#35234730)

    The most likely plug-in to require a patch: same as last year, Oracle's Java."

    Of course, this has nothing to do with the fact that new versions of Java tend to break existing java based applications and utilities. You can use the new version of Java, or you can use the older one that works with your mission critical enterprise tools.

  • Not even remotely surprised (Score:4, Insightful)

    by jimicus ( 737525 ) on Thursday February 17, 2011 @02:30PM (#35234962)

    I've been saying this for some time: Windows (and to a lesser extent OS X) needs an API so updates are centralised, configured and installed from a single interface.

    OS X has the app store. Linux distributions have repositories. Both of these solve this problem very neatly, and it's a lot easier to keep everything up to date. But I don't think centralised distribution is necessary - just an API call so you can say to the operating system "this is the name of the application, this is an RSS feed where updates are published, this is the key with which updates will be signed, this is how frequently you should check for updates" would probably solve most of the problems.

    The mess we have right now is the reason why there is always something on a PC that needs updating.

  • Re:Slashvertisement (Score:2, Insightful)

    by Anonymous Coward on Thursday February 17, 2011 @02:31PM (#35234980)

    This is a slashvertisement, but at least it was for something useful this time. I just patched 3 browsers based on the results.

Slashdot Top Deals

Anyone can make an omelet with eggs. The trick is to make one with none.

Close