Firefox tops app vulnerability list

Powered by SC Magazine
 

Bit9 research reports 40 known severe vulnerabilities this year for the popular browser.

Bit9 research reports 40 known severe vulnerabilities this year for the
popular browser.


Mozilla's open-source Firefox browser recorded the highest number of severe vulnerabilities among popular consumer applications this year, according to new research from whitelisting firm Bit9 released today.

Versions two and three of the popular browser were found to have 40 known vulnerabilities over the course of the year. Second highest was Adobe Acrobat versions 8.1.2 and 8.1.1 with 31, and in third place was Microsoft Windows Live (MSN) Messenger versions 4.7 and 5.1 with 19 vulnerabilities.

The vendors usually came up with a patch for these vulnerabilities, but many firms do not have the policies in place to ensure they are pushed out to each endpoint, according to Bit9 chief technology officer Harry Sverdlove.

"We recommend all IT shops establish policies so they clearly understand what applications are allowed and what they should do if vulnerabilities are discovered," he advised.

"They should also take an inventory of what is running – it’s fine to have a policy but another thing to monitor."

Sverdlove also advised firms to put in place controls that prevent applications with vulnerabilities from running in the corporate environment.

Copyright ©v3.co.uk


Firefox tops app vulnerability list
 
 
 
Top Stories
Westpac interim CIO resigns
Group CIO yet to be appointed.
 
Earning the right to innovate
Breaking down the barriers to innovation is a long, but rewarding process, says Bank of Queensland Group CIO, Julie Bale.
 
A call for timely reporting
[Blog post] Businesses need incentives to keep customer data secure.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  26%
 
Application integration concerns
  3%
 
Security and compliance concerns
  28%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  22%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  5%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 902

Vote