Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Symantec: Mozilla browsers more vulnerable than IE
ZDNet News ^ | 9/19/2005 | Tom Espiner

Posted on 09/19/2005 7:01:42 PM PDT by Incorrigible

Symantec: Mozilla browsers more vulnerable than IE

Mozilla Web browsers are potentially more vulnerable to attack than Microsoft's Internet Explorer, according to a Symantec report. But the report, released Monday, also found that hackers are still focusing their efforts on IE.

The open-source Mozilla Foundation browsers, such as the popular Firefox, have typically been seen as more secure than IE, which has suffered many security problems in the past. Mitchell Baker, president of the foundation, said earlier this year that its browsers were fundamentally more secure than IE. She also predicted that Mozilla Foundation browsers would not face as many problems as IE, even as their market share grows.

Symantec's Internet Security Threat Report Volume VIII contains data for the first six months of this year that may contradict this perception.

According to the report, 25 vendor-confirmed vulnerabilities were disclosed for the Mozilla browsers during the first half of 2005, "the most of any browser studied," the report's authors stated. Eighteen of these flaws were classified as high severity.

"During the same period, 13 vendor-confirmed vulnerabilities were disclosed for IE, eight of which were high severity," the report noted.

The average severity rating of the vulnerabilities associated with both IE and Mozilla browsers in this period was classified as "high", which Symantec defined as "resulting in a compromise of the entire system if exploited."

The Mozilla Foundation did not immediately respond to requests for comment.

Symantec reported that the gap between vulnerabilities being reported and exploit code being released has dropped to six days on average. However, it's not clear from the report how quickly Microsoft and Mozilla released patches for their respective vulnerabilities, or how many of the vulnerabilities were targeted by hackers, though Microsoft generally releases patches only on a monthly basis.

Symantec admitted that "at the time of writing, no widespread exploitation of any browser except Microsoft Internet Explorer has occurred," but added that it "expects this to change as alternative browsers become increasingly widely deployed."

There is one caveat: Symantec counts only those security flaws that have been confirmed by the vendor. According to security monitoring company Secunia, there are 19 security issues that Microsoft still has to deal with for Internet Explorer, while there are only three for Firefox.

The report also highlighted a trend away from the focus of security being on "servers, firewalls, and other systems with external exposure." Instead, "client-side systems--primarily end-user systems--(are) becoming increasingly prominent targets of malicious activity."

Web browser vulnerabilities are becoming a preferred entry point into systems, the report stated. It also highlighted the trend of hackers operating for financial gain rather than recognition, increased potential exposure of confidential information, and a "dramatic increase in malicious code variants".

Tom Espiner of ZDNet UK reported from London. CNET News.com's Joris Evers contributed to this report.

Not for commercial use.  For educational and discussion purposes only.


TOPICS: Business/Economy
KEYWORDS: firefox; mozilla; propaganda
Navigation: use the links below to view more comments.
first 1-5051-100101-150151-200 ... 251-264 next last
Shocking!
1 posted on 09/19/2005 7:01:44 PM PDT by Incorrigible
[ Post Reply | Private Reply | View Replies]

To: Incorrigible

bwahahahaha


2 posted on 09/19/2005 7:02:46 PM PDT by fhlh (Polls are for strippers and liberal spin.)
[ Post Reply | Private Reply | To 1 | View Replies]

Comment #3 Removed by Moderator

To: Bush2000; Golden Eagle; softwarecreator; rdb3; N3WBI3

Shocking!


4 posted on 09/19/2005 7:03:57 PM PDT by Incorrigible (If I lead, follow me; If I pause, push me; If I retreat, kill me.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Incorrigible

I could care less.I love Firefox.


5 posted on 09/19/2005 7:05:40 PM PDT by John W
[ Post Reply | Private Reply | To 1 | View Replies]

To: Incorrigible

Well, well, well ... whatta we have here?


6 posted on 09/19/2005 7:08:57 PM PDT by softwarecreator (Facts are to liberals as holy water is to vampires.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Incorrigible

Coincidentally, Symantic is in the business of selling software that's largely based on false perception of vulnerability when good administrative network practices would suffice.


7 posted on 09/19/2005 7:09:48 PM PDT by SteveMcKing ("I was born a Democrat. I expect I'll be a Democrat the day I leave this earth." -Zell Miller '04)
[ Post Reply | Private Reply | To 1 | View Replies]

To: John W
i love FF too but hate the inability to stay at the post I am at when i refresh the page - it goes to the last post and i have to scroll up to where I was.

Any way around this?

8 posted on 09/19/2005 7:10:05 PM PDT by corkoman (Overhyped)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Incorrigible

Symantec has always been in bed with Microsoft.


9 posted on 09/19/2005 7:13:35 PM PDT by Extremely Extreme Extremist
[ Post Reply | Private Reply | To 1 | View Replies]

To: John W
I love Firefox.

So do I, but if you would have seen all the crowing about IE's vulnerability by some people on the tech pings, you would know why we are taking a wee bit of satisfaction in this.

10 posted on 09/19/2005 7:13:39 PM PDT by softwarecreator (Facts are to liberals as holy water is to vampires.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Extremely Extreme Extremist
Symantec has always been in bed with Microsoft.

Great.  Now there's a mental image I just didn't need.

11 posted on 09/19/2005 7:14:39 PM PDT by softwarecreator (Facts are to liberals as holy water is to vampires.)
[ Post Reply | Private Reply | To 9 | View Replies]

To: Incorrigible

I wonder how many share of Microsoft were handed over for that endorsement?


12 posted on 09/19/2005 7:15:02 PM PDT by DCPatriot ("It aint what you don't know that kills you. It's what you know that aint so" Theodore Sturgeon)
[ Post Reply | Private Reply | To 1 | View Replies]

To: corkoman
Any way around this?

Yes, Get IE.

Sorry, I've been waiting a long time to say that.  =)

13 posted on 09/19/2005 7:15:33 PM PDT by softwarecreator (Facts are to liberals as holy water is to vampires.)
[ Post Reply | Private Reply | To 8 | View Replies]

To: Extremely Extreme Extremist
Symantec has always been in bed with Microsoft.

Of course.  Companies that make money stick with other companies that make money!

14 posted on 09/19/2005 7:17:03 PM PDT by Incorrigible (If I lead, follow me; If I pause, push me; If I retreat, kill me.)
[ Post Reply | Private Reply | To 9 | View Replies]

To: DCPatriot
hmmmm .... so when anti-MS reports are put out, it's the gosplel truth ... but when a report comes out that makes MS look good it's a bribe or conspiracy.  Makes sense, I guess.
15 posted on 09/19/2005 7:17:46 PM PDT by softwarecreator (Facts are to liberals as holy water is to vampires.)
[ Post Reply | Private Reply | To 12 | View Replies]

To: Incorrigible
Companies that make money stick with other companies that make money!

ouch.  Now that's gonna leave a mark.

16 posted on 09/19/2005 7:18:53 PM PDT by softwarecreator (Facts are to liberals as holy water is to vampires.)
[ Post Reply | Private Reply | To 14 | View Replies]

To: corkoman; softwarecreator
Any way around this?

Yes, Get IE.

I'll go one step further.  Get Internet Explorer with the MSN Toolbar.  You'll get Pop-up blocking, tabbed browsing, integrated search, form fill, etc....

MSN Toolbar

 

17 posted on 09/19/2005 7:19:55 PM PDT by Incorrigible (If I lead, follow me; If I pause, push me; If I retreat, kill me.)
[ Post Reply | Private Reply | To 13 | View Replies]

To: corkoman
Any way around this?

Can someone ping me if there is a solution?

18 posted on 09/19/2005 7:20:09 PM PDT by Raycpa
[ Post Reply | Private Reply | To 8 | View Replies]

To: Raycpa
#17
19 posted on 09/19/2005 7:21:59 PM PDT by Incorrigible (If I lead, follow me; If I pause, push me; If I retreat, kill me.)
[ Post Reply | Private Reply | To 18 | View Replies]

To: softwarecreator
Yes, Get IE.

And invite all the crap back in. Sure, that's a good idea. Not.

20 posted on 09/19/2005 7:22:49 PM PDT by Musket
[ Post Reply | Private Reply | To 13 | View Replies]

To: Incorrigible
Symantec admitted that "at the time of writing, no widespread exploitation of any browser except Microsoft Internet Explorer has occurred," but added that it "expects this to change as alternative browsers become increasingly widely deployed."

Most of the machines I work on that are compromised typically are owned by Net semi-literates who use only IE.

There is one caveat: Symantec counts only those security flaws that have been confirmed by the vendor.

Ding! We have a winner! The sun don't come up in the East if you refuse to admit it...

21 posted on 09/19/2005 7:26:39 PM PDT by an amused spectator (If Social Security isn't broken, then cut me a check for the cash I have into it.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: softwarecreator
hmmmm .... so when anti-MS reports are put out, it's the gosplel truth

I didn't say that.

I said that to slow Mazilla down, the most respected security software company suddenly says Mozilla is more vulnerable than IE.

I've used IE since Windows arrived.

My computer has experienced less problems with Mozilla. That's all I need to see.

22 posted on 09/19/2005 7:26:45 PM PDT by DCPatriot ("It aint what you don't know that kills you. It's what you know that aint so" Theodore Sturgeon)
[ Post Reply | Private Reply | To 15 | View Replies]

To: Incorrigible
That's what I have installed and when I use IE there are very few "intrusions".  It really does work pretty well.
23 posted on 09/19/2005 7:27:38 PM PDT by softwarecreator (Facts are to liberals as holy water is to vampires.)
[ Post Reply | Private Reply | To 17 | View Replies]

To: corkoman; Raycpa

Currently, it's not considered a bug per se, it's just how the Gecko engine keeps up with web pages that suddenly grow in size.

A few people are lobbying on Bugzilla to have this corrected, but it's not going anywhere yet, since the devs have bigger headaches than page positioning right now.

Of course, FF 1.5 will have 3200+ bugfixes: this might be among them.


24 posted on 09/19/2005 7:28:03 PM PDT by Terpfen (http://www.pattonhq.com/unknowntext.html)
[ Post Reply | Private Reply | To 8 | View Replies]

To: Incorrigible

Be sure to keep active X going. That's where all the fun comes from ;-)


25 posted on 09/19/2005 7:29:04 PM PDT by W3BMAST3R101
[ Post Reply | Private Reply | To 17 | View Replies]

To: SteveMcKing
Coincidentally, Symantic is in the business of selling software that's largely based on false perception of vulnerability when good administrative network practices would suffice.

Symantec: RAM-sucking garbage that's nearly impossible to uninstall when you get a decent anti-virus program that's freeware.

Guaranteed to promise computer neophytes the world, then leave their machines exposed when the trial period runs out.

26 posted on 09/19/2005 7:29:33 PM PDT by an amused spectator (If Social Security isn't broken, then cut me a check for the cash I have into it.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: W3BMAST3R101

"Be sure to keep active X going. That's where all the fun comes from ;-)"

Active X is your friend!


27 posted on 09/19/2005 7:31:42 PM PDT by jdm
[ Post Reply | Private Reply | To 25 | View Replies]

To: Incorrigible

All I know is I that after 8 months or so of using Firefox I have far fewer problems that can be blamed on my web browser. Not zero problems mind you...but far fewer.


28 posted on 09/19/2005 7:32:03 PM PDT by Artemis Webb
[ Post Reply | Private Reply | To 1 | View Replies]

To: DCPatriot
My computer has experienced less problems with Mozilla.

I do agree that from my experience FF has been less vulnerable to pop-ups and other spyware.  I have a router, firewall and anti-virus so I don't get too many "attacks" anyway.

Thing is, as most of us have said all along, the more popular FF becomes, the more appetizing it will become for hackers and that is starting to happen.

29 posted on 09/19/2005 7:32:53 PM PDT by softwarecreator (Facts are to liberals as holy water is to vampires.)
[ Post Reply | Private Reply | To 22 | View Replies]

To: softwarecreator
So do I, but if you would have seen all the crowing about IE's vulnerability by some people on the tech pings, you would know why we are taking a wee bit of satisfaction in this.

I saw a caveat in the article, didn't you?

IE: caveat emptor

30 posted on 09/19/2005 7:34:03 PM PDT by an amused spectator (If Social Security isn't broken, then cut me a check for the cash I have into it.)
[ Post Reply | Private Reply | To 10 | View Replies]

To: softwarecreator
Thing is, as most of us have said all along, the more popular FF becomes, the more appetizing it will become for hackers and that is starting to happen.

Agreed. IE's problem is that it IS the browser for the world at large.

31 posted on 09/19/2005 7:35:23 PM PDT by an amused spectator (If Social Security isn't broken, then cut me a check for the cash I have into it.)
[ Post Reply | Private Reply | To 29 | View Replies]

To: jdm
Be sure to keep active X going. That's where all the fun comes from

Active X has made me quite of bit of money over the years because companies have paid me to convert their Active X web sites into something less vulnerable to attack.

32 posted on 09/19/2005 7:35:30 PM PDT by softwarecreator (Facts are to liberals as holy water is to vampires.)
[ Post Reply | Private Reply | To 27 | View Replies]

To: softwarecreator

We have a study which just counts bugs and not one that considers how severe the bugs are..


33 posted on 09/19/2005 7:41:21 PM PDT by N3WBI3 (If SCO wants to go fishing they should buy a permit and find a lake like the rest of us..)
[ Post Reply | Private Reply | To 6 | View Replies]

To: softwarecreator

Along with systems running windows give lots of network administrators jobs :-D


34 posted on 09/19/2005 7:42:20 PM PDT by W3BMAST3R101
[ Post Reply | Private Reply | To 32 | View Replies]

To: softwarecreator
"hmmmm .... so when anti-MS reports are put out, it's the gosplel truth ... but when a report comes out that makes MS look good it's a bribe or conspiracy. Makes sense, I guess."

What makes sense to me is my own experience that IE allowed trojans, pop-up ads and cookies to infect my computer like water going through a sieve, until it started screwing with my ability to run some programs; I cleaned the s*** out, got FF and the problem stopped. Any questions?


35 posted on 09/19/2005 7:44:18 PM PDT by Al Simmons (America's Greatest Torch Singer - Chris Webster - www.babyswan.com)
[ Post Reply | Private Reply | To 15 | View Replies]

To: N3WBI3
We have a study which just counts bugs and not one that considers how severe the bugs are..

Ah, but this is only the beginning ... FF is quickly getting onto the radar of the hackers and the vulnerabilities will grow more severe as they pry deeper and deeper in mozilla's holes.  Don't forget, hackers have had 10 years to pick thru IE, as opposed to a couple of years with FireFox.

36 posted on 09/19/2005 7:44:24 PM PDT by softwarecreator (Facts are to liberals as holy water is to vampires.)
[ Post Reply | Private Reply | To 33 | View Replies]

To: an amused spectator
This is all you need to know from this story:

According to security monitoring company Secunia, there are 19 security issues that Microsoft still has to deal with for Internet Explorer, while there are only three for Firefox.

37 posted on 09/19/2005 7:45:41 PM PDT by Gee Wally
[ Post Reply | Private Reply | To 31 | View Replies]

To: corkoman
i love FF too but hate the inability to stay at the post I am at when i refresh the page -

Why would you want to refresh in the middle of reading a thread?

38 posted on 09/19/2005 7:46:18 PM PDT by don-o (Don't be a Freeploader. Do the right thing and become a Monthly Donor!)
[ Post Reply | Private Reply | To 8 | View Replies]

To: corkoman
None of these are rated extremely critical by secunia... As opposed to 14% rated that bad for ie.

In addition only 14% of FF are still unpatched as opposed to 28% for IE

The largest source of FF vulnerabilities are spoofing (turn off IDN), the largest source of IE bugs are system access..

FF is a safer browser to use than IE, not perfect but a bit more secure..

39 posted on 09/19/2005 7:46:50 PM PDT by N3WBI3 (If SCO wants to go fishing they should buy a permit and find a lake like the rest of us..)
[ Post Reply | Private Reply | To 8 | View Replies]

To: softwarecreator

If it takes a half truth to make MS look good (ignoring severity and longjecvity) its kinda sad for ie users..


40 posted on 09/19/2005 7:48:56 PM PDT by N3WBI3 (If SCO wants to go fishing they should buy a permit and find a lake like the rest of us..)
[ Post Reply | Private Reply | To 15 | View Replies]

To: Incorrigible

In otherwords all the features that are built into firefox..


41 posted on 09/19/2005 7:49:31 PM PDT by N3WBI3 (If SCO wants to go fishing they should buy a permit and find a lake like the rest of us..)
[ Post Reply | Private Reply | To 17 | View Replies]

To: W3BMAST3R101
I've tried firefox and didn't like it. Didn't render some web pages correctly for some reason. Too used to IE, which by the way I've never had a problem with. I found this --> http://www.avantbrowser.com/ which is basically an IE shell. Very configurable, and it has tabbed browsing.I think it's the greatest thing since sliced bread.
42 posted on 09/19/2005 7:51:23 PM PDT by WSGilcrest (Tinky likes it!)
[ Post Reply | Private Reply | To 34 | View Replies]

To: Al Simmons
I cleaned the s*** out, got FF and the problem stopped. Any questions?

Nope, but installing MS toolbar will eliminate these problems, at least it has proven reliable for me.

PS: I am a Detroit Tiger fan (and ½ Polish) so thanks for putting Al's pic up.  A little sports store in Hamtramck used to have his pic prominently displayed on the wall when I was a kid and I never forgot him.

43 posted on 09/19/2005 7:51:58 PM PDT by softwarecreator (Facts are to liberals as holy water is to vampires.)
[ Post Reply | Private Reply | To 35 | View Replies]

To: softwarecreator
Don't forget, hackers have had 10 years to pick thru IE, as opposed to a couple of years with FireFox.

Ill let you guess how old the engine for firefox is...

Im not saying they wont find bugs what I am saying is that the bugs they have found are less severe and fixed faster. I have stated a fact..

FF is quickly getting onto the radar of the hackers and the vulnerabilities will grow more severe as they pry deeper and deeper in mozilla's holes.

You have stated an opinion..

44 posted on 09/19/2005 7:53:12 PM PDT by N3WBI3 (If SCO wants to go fishing they should buy a permit and find a lake like the rest of us..)
[ Post Reply | Private Reply | To 36 | View Replies]

To: Extremely Extreme Extremist
Symantec has always been in bed with Microsoft.

[Insert gratuitous v.d. joke here]

45 posted on 09/19/2005 7:56:20 PM PDT by LexBaird (tyrannosaurus Lex, unapologetic, yet compassionate carnivore)
[ Post Reply | Private Reply | To 9 | View Replies]

To: Incorrigible

46 posted on 09/19/2005 7:57:27 PM PDT by Golden Eagle
[ Post Reply | Private Reply | To 1 | View Replies]

To: N3WBI3
If it takes a half truth to make MS look good

Nah, one look at their Earnings Report, marketshare and total users will do that all by itself.

47 posted on 09/19/2005 7:58:09 PM PDT by softwarecreator (Facts are to liberals as holy water is to vampires.)
[ Post Reply | Private Reply | To 40 | View Replies]

To: N3WBI3
Yeah, but you can download them for free and it takes very little time to install.

And I am pretty sure they will be built into IE7 so that kind of takes the strength out of your argument.

48 posted on 09/19/2005 8:00:53 PM PDT by softwarecreator (Facts are to liberals as holy water is to vampires.)
[ Post Reply | Private Reply | To 41 | View Replies]

To: softwarecreator

I use Firfox becuase of the better speed on my dialup and its nice graphics and flexibility.

I also love the fact that in the "Favorites" folder it keeps the original site symbols instead of IE pirating them and converting them all into Microsoft generic folders.

Firefox is more theme versatile (Hate cats but love the red cats green flavor theme). It is also not bound so intregally into the OS. Big problem---delete Firefox and download it again.

I also use IE and some times use both browsers simultaneously.

That said, I also think that Microsoft has been maligned a bit unfairly. Of course all the hackers are going to attack the most widely-used browser. Microsoft has been timely and consistent with providing patches.


49 posted on 09/19/2005 8:02:12 PM PDT by TFMcGuire
[ Post Reply | Private Reply | To 15 | View Replies]

To: softwarecreator

Hey nobody has ever said they make bad business decisions..


50 posted on 09/19/2005 8:04:43 PM PDT by N3WBI3 (If SCO wants to go fishing they should buy a permit and find a lake like the rest of us..)
[ Post Reply | Private Reply | To 47 | View Replies]


Navigation: use the links below to view more comments.
first 1-5051-100101-150151-200 ... 251-264 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson