Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×

80% of Browsers Found To Be At Risk of Attack 196

Posted by CmdrTaco from the zomg-we're-all-gonna-die dept.
CWmike writes "About eight out of every 10 Web browsers run by consumers are vulnerable to attack by exploits of already-patched bugs, a security expert said Thursday. The poor state of browser patching stunned Wolfgang Kandek, CTO of Qualys, which presented data from the company's free BrowserCheck service Wednesday at RSA. 'I really thought it would be lower,' Kandek said. BrowserCheck scans Windows, Mac and Linux machines for vulnerable browsers, as well as up to 18 browser plug-ins, from Adobe's Flash to Windows Media Player. When browsers and plug-ins are tabulated together, between 90% and 65% of all consumer systems scanned with BrowserCheck since June 2010 reported at least one out-of-date component. In January 2011, about 80% of the machines were vulnerable. The most likely plug-in to require a patch: same as last year, Oracle's Java."
This discussion has been archived. No new comments can be posted.

80% of Browsers Found To Be At Risk of Attack More

80% of Browsers Found To Be At Risk of Attack

Comments Filter:

  • Self-selecting for failure (Score:4, Interesting)

    by RobertB-DC ( 622190 ) * on Thursday February 17, 2011 @02:08PM (#35234626) Homepage Journal

    So eight out of 10 browsers running the test failed it? That's not terribly surprising, since I have to install a plugin to run the test.

    I don't know Qualys from Quantas, so I'm highly unlikely to install their plugin just to find out whether my browser has vulnerabilities. In fact, I'm not terribly likely to install any plugins at all (though I'm enjoying Ghostery [ghostery.com] immensely).

    Now, let's assume for a moment that I'm the type to install any plugin that asks nicely and looks shiny. Gee, is it any surprise that Qualys' plugin isn't the first one I've accepted? And is it any surprise that I've got other issues?

    This test suffers from a terrible self-selection bias. Those most likely to take the "test" are the ones most likely to fail it.

  • Re:Java, obvious (Score:5, Interesting)

    by mswhippingboy ( 754599 ) on Thursday February 17, 2011 @02:46PM (#35235212)

    While I don't doubt the sincerity of your post, I certainly have had a different experience. I've been working with Java in large enterprise settings for over 15 years, with hundreds of stand-alone and web applications and I can't think of a single instance where upgrading to a newer version of Java caused an existing application to break. I know of one recent upgrade that broke Eclipse, but it was quickly regressed and the problem was really in Eclipse, not Java.

    I guess I've just been lucky.

Slashdot Top Deals

"If I do not want others to quote me, I do not speak." -- Phil Wayne

Close