Firefox tops app vulnerability list

Powered by SC Magazine
 

Bit9 research reports 40 known severe vulnerabilities this year for the popular browser.

Bit9 research reports 40 known severe vulnerabilities this year for the
popular browser.


Mozilla's open-source Firefox browser recorded the highest number of severe vulnerabilities among popular consumer applications this year, according to new research from whitelisting firm Bit9 released today.

Versions two and three of the popular browser were found to have 40 known vulnerabilities over the course of the year. Second highest was Adobe Acrobat versions 8.1.2 and 8.1.1 with 31, and in third place was Microsoft Windows Live (MSN) Messenger versions 4.7 and 5.1 with 19 vulnerabilities.

The vendors usually came up with a patch for these vulnerabilities, but many firms do not have the policies in place to ensure they are pushed out to each endpoint, according to Bit9 chief technology officer Harry Sverdlove.

"We recommend all IT shops establish policies so they clearly understand what applications are allowed and what they should do if vulnerabilities are discovered," he advised.

"They should also take an inventory of what is running – it’s fine to have a policy but another thing to monitor."

Sverdlove also advised firms to put in place controls that prevent applications with vulnerabilities from running in the corporate environment.

Copyright ©v3.co.uk


Firefox tops app vulnerability list
 
 
 
Top Stories
Meet FABACUS, Westpac's first computer
GE225 operators celebrate gold anniversary.
 
NSW Govt gets ready to throw out the floppy disks
[Opinion] Dominic Perrottet says its time for government to catch up.
 
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  26%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  21%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 340

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  58%
 
No
  42%
TOTAL VOTES: 143

Vote