Firefox tops app vulnerability list

Powered by SC Magazine
 

Bit9 research reports 40 known severe vulnerabilities this year for the popular browser.

Bit9 research reports 40 known severe vulnerabilities this year for the
popular browser.


Mozilla's open-source Firefox browser recorded the highest number of severe vulnerabilities among popular consumer applications this year, according to new research from whitelisting firm Bit9 released today.

Versions two and three of the popular browser were found to have 40 known vulnerabilities over the course of the year. Second highest was Adobe Acrobat versions 8.1.2 and 8.1.1 with 31, and in third place was Microsoft Windows Live (MSN) Messenger versions 4.7 and 5.1 with 19 vulnerabilities.

The vendors usually came up with a patch for these vulnerabilities, but many firms do not have the policies in place to ensure they are pushed out to each endpoint, according to Bit9 chief technology officer Harry Sverdlove.

"We recommend all IT shops establish policies so they clearly understand what applications are allowed and what they should do if vulnerabilities are discovered," he advised.

"They should also take an inventory of what is running – it’s fine to have a policy but another thing to monitor."

Sverdlove also advised firms to put in place controls that prevent applications with vulnerabilities from running in the corporate environment.

Copyright ©v3.co.uk


Firefox tops app vulnerability list
 
 
 
Top Stories
The CISO’s dilemma: Do you trust your partner’s partner?
[Blog post] How far down the chain do you check?
 
Microsoft confirms Australian Azure launch
Available from next week.
 
NBN Co names first 140 FTTN sites
National trial extended.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  23%
 
End user computing (desktops, mobiles, apps)
  14%
 
Software development
  27%
TOTAL VOTES: 279

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  62%
 
No
  38%
TOTAL VOTES: 97

Vote