Firefox tops app vulnerability list

Powered by SC Magazine
 

Bit9 research reports 40 known severe vulnerabilities this year for the popular browser.

Bit9 research reports 40 known severe vulnerabilities this year for the
popular browser.


Mozilla's open-source Firefox browser recorded the highest number of severe vulnerabilities among popular consumer applications this year, according to new research from whitelisting firm Bit9 released today.

Versions two and three of the popular browser were found to have 40 known vulnerabilities over the course of the year. Second highest was Adobe Acrobat versions 8.1.2 and 8.1.1 with 31, and in third place was Microsoft Windows Live (MSN) Messenger versions 4.7 and 5.1 with 19 vulnerabilities.

The vendors usually came up with a patch for these vulnerabilities, but many firms do not have the policies in place to ensure they are pushed out to each endpoint, according to Bit9 chief technology officer Harry Sverdlove.

"We recommend all IT shops establish policies so they clearly understand what applications are allowed and what they should do if vulnerabilities are discovered," he advised.

"They should also take an inventory of what is running – it’s fine to have a policy but another thing to monitor."

Sverdlove also advised firms to put in place controls that prevent applications with vulnerabilities from running in the corporate environment.

Copyright ©v3.co.uk


Firefox tops app vulnerability list
 
 
 
Top Stories
Turnbull introduces data retention legislation
Still no definition of metadata to be stored.
 
Images: the next frontier in data analytics?
Barclay’s global data chief says we’re still at the starting line.
 
Crime Commission prepares core systems overhaul
Will replace 30 year-old national criminal database.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  27%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  21%
 
End user computing (desktops, mobiles, apps)
  14%
 
Software development
  26%
TOTAL VOTES: 431

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  54%
 
No
  46%
TOTAL VOTES: 206

Vote