Amazon 7 #1 December 17, 2008 http://www.insidetech.com/news/articles/3605-firefox-heads-risky-business-app-list?referral=IT_nlet_20081217 The good old FF browser gets little love when it comes to security.’ - Firefox has its plate full when it comes to security. It has grown a substantial enough market share to place it in a strong second after Microsoft. This gives it a high profile and leaves it a desirable target to be exploited by hackers and malware writers. Worse yet, it has less money to fund security efforts that Microsoft, and according to some experts, less focus as well. While small market share browsers like Opera and Chrome have built a reputation on their security (with Safari’s reputation for insecurity being a notable exception), Firefox continues to plod along in a day to day fight, trying to remain a secure platform while dealing with the challenges of browser celebrity. Perhaps for this reason, Bit9, an application whitelisting firm that helps employers block employee access to certain apps, placed Firefox on the top its list of most vulnerable apps. The remaining spots on the list were filled out with more familiar names, with two through twelve respectively being: Adobe Flash & Acrobat; EMC VMware Player, Workstation, and other products; Sun Java Runtime Environment; Apple QuickTime, Safari, and iTunes; Symantec Norton products; Trend Micro OfficeScan; Citrix products; Aurigma and Lycos image uploaders; Skype; Yahoo Assistant; and Microsoft Windows Live Messenger. The Bit9 study looked at several factors in ranking vulnerability. One factor was how popular the applications were. Another factor was how many known vulnerabilities existed, and how severe they were. Lastly, it looked at how hard patching was for the particular application. In order to make the list, programs hand to run in Windows and not be centrally updatable via services such as Microsoft SMS and WSUS. Many say that the survey was unfair to Apple products because it kept easier patched Microsoft applications off the list. In some ways, though Bit9’s list is a useful benchmark. It aptly points out that many networks have Firefox installations running on machines, without the system administrator being fully aware of the instance of these installs. Thus, despite the fact that most of the vulnerabilities looked at have been patched, the installs may not receive these patches immediately, until the employee upgrades to the next edition of the browser. The study’s conclusions only marginally apply to the consumer market. However, when it comes to the business market, the study argues that picking or allowing employees to run Firefox, even with its security plug-ins, is a ticket to the IT danger zone as malware increasingly targets application layer targets such as Firefox. © 2008, DailyTech Quote Share this post Link to post Share on other sites
PhreeZone 15 #2 December 17, 2008 Funny enough... http://en-us.www.mozilla.com/en-US/firefox/3.0.5/releasenotes/ Just release for security holes. Yesterday is history And tomorrow is a mystery Parachutemanuals.com Quote Share this post Link to post Share on other sites
hottamaly 1 #3 December 17, 2008 I had installed the upgrade to Firefox 3.0 and had nothing but problems when it came to needing to "print" something off the internet (like bank statements and such). It was garbled. They didn't have a fix for it yet so I went back to 2.0 and told them I didn't want 3.0 until it was running right. Skydiving gave me a reason to live I'm not afraid of what I'll miss when I die...I'm afraid of what I'll miss as I live Quote Share this post Link to post Share on other sites
Amazon 7 #4 December 17, 2008 QuoteFunny enough... http://en-us.www.mozilla.com/.../3.0.5/releasenotes/ Just release for security holes. Finally... you can browse in Esperanto... I am so relieved. QuoteOfficial releases for the Bengali, Esperanto, Galician, Hindi, and Latvian languages are now available. Quote Share this post Link to post Share on other sites
popsjumper 2 #5 December 17, 2008 Well, so much or IE and FF...now on to the NBT*! To Infinity... and Beyond!!!!! next big thingMy reality and yours are quite different. I think we're all Bozos on this bus. Falcon5232, SCS8170, SCSA353, POPS9398, DS239 Quote Share this post Link to post Share on other sites
SuFantasma 0 #6 December 17, 2008 QuoteWell, so much or IE and FF...now on to the NBT*! To Infinity... and Beyond!!!!! Bring back NCSA Mosaic ! next big thingY yo, pa' vivir con miedo, prefiero morir sonriendo, con el recuerdo vivo". - Ruben Blades, "Adan Garcia" Quote Share this post Link to post Share on other sites
PhreeZone 15 #7 December 17, 2008 Lynx!Yesterday is history And tomorrow is a mystery Parachutemanuals.com Quote Share this post Link to post Share on other sites
denete 2 #8 December 18, 2008 QuoteBring back NCSA Mosaic ! Mozilla...Firefox. Ta-da!SCR #14809 "our attitude is the thing most capable of keeping us safe" (look, grab, look, grab, peel, punch, punch, arch) Quote Share this post Link to post Share on other sites
jjiimmyyt 0 #10 December 18, 2008 This has been released by bit9 and its sort of a PR puff piece for their software. Have a look here http://www.theregister.co.uk/2008/12/12/app_threat_list/ Its a bit of a MS/bit9 fnord. "This isn't an iron lung, people. You can actually disconnect and not die." -Dave Quote Share this post Link to post Share on other sites
Broke 0 #11 December 18, 2008 Quotegopher! lol I haven't used gopher since way back in the dayDivot your source for all things Hillbilly. Anvil Brother 84 SCR 14192 Quote Share this post Link to post Share on other sites
SuFantasma 0 #13 December 18, 2008 Quotearchie! Veronica !Y yo, pa' vivir con miedo, prefiero morir sonriendo, con el recuerdo vivo". - Ruben Blades, "Adan Garcia" Quote Share this post Link to post Share on other sites
