Whether you are using Firefox or Internet Explorer, Maxthon or Opera, there is no "safe" browser. This statement comes from Symantec as part of its twice-yearly Internet Security Threat Report, which showed attackers were no longer primarly focusing on Internet Explorer.
While Internet Explorer remains the most frequently targeted browser, accounting for 47 percent of all attacks, in the first six months of this year more vulnerabilities have appeared in Mozilla Firefox than within IE. 47 flaws were discovered in Firefox, compared with 38 for IE.
"In order to protect against Web browser attacks, Symantec advises users and administrators to upgrade all browsers to the latest, patched versions," Symantec recommended.
Even Apple was not immune to security issues, with 12 vulnerabilities found during the report's period. In addition, some issues affected multiple browsers, which Symantec said comprised 31 percent of all attacks during the period.
While much could be made of Mozilla's rise to the top of reported flaws, it is normally the quickest in providing patches. Whereas Firefox flaws are patched in an average of one day after public disclosure, it takes Microsoft nine days. Opera was second fastest at two days, and Apple third at five days.
Besides the browser findings, Symantec also reported on other malware trends. The overall number of computer flaws rose to 2,249, up 18 percent from the second half of last year. This was a record for vulnerabilities discovered, said Symantec. Most of them -- 69 percent -- were Web-based issues.
In malicious code, Symantec found that five of the top ten new malicious code families were of the Trojan horse type. Malicious code was also going for personal information more frequently, with 30 of the top 50 code samples exposing data such as social security and credit card numbers.
Finally, among phishing and spam risks, the company said it had detected 157,477 unique phishing messages, a staggering 81 percent increase over last period. In addition, for the second time in Symantec's survey, spam comprised a majority of e-mail traffic at 54 percent.
By jbaltz69 posted Sep 25, 2006 - 9:46 PM
The browser has nothing to do with being safe on the internet, it's how smart the person using it is when it comes to browsing the internet by not going to suspect websites and downloading and installing things you aren't sure about.
Score: 0 By prndll posted Sep 25, 2006 - 8:39 PM
Only a complete moron (or someone that knows nothing about computers) would think there is such a thing as a 100% completely safe browser.
The idea is to have (and use) the "safer" one. But, in all reality...the only way to have the safest browser is just simply to never update.
Score: 0 By gmangw edited Sep 25, 2006 - 7:58 PM
"Transmission coming in sir. It's from Captain Obvious!"
"What's it say?"
"Uh... 'There is no safe browser'"
Theres a simple way to make any browser totally safe... disconnect your internet.
Score: 0 By yorkshireman50 edited Sep 25, 2006 - 7:33 PM
The more I see of the problems with IE, Firefox and Opera the more I am glad to have Netscape its seems to be problem free
as regular sweeps with antivirus programs show no attacks
Score: 0 By petgamer posted Sep 25, 2006 - 7:49 PM
Correct me if I'm wrong, but isn't Netscape based off Firefox?
Score: 0 By Banquo posted Sep 25, 2006 - 8:24 PM
Yes, Netscape is just a rebadged Firefox with a different theme.
Score: 0 By Tenoq posted Sep 25, 2006 - 8:44 PM
Actually I think the new Netscape uses both Firefox and IE elements... so in theory it's got the flaws of both systems. :P
I know for sure Netscape doesn't supply the patches to Firefox code as quickly as Firefox itself.
Score: 0 By crashoverride edited Sep 25, 2006 - 9:00 PM
Netscape can actually switch between the IE and Firefox rendering engines. The same functionality can be obtained on Firefox by installing the IEtab extension.
edit: and betanews just put my post in the wrong place.
Score: 0 By Johnbald01 posted Sep 25, 2006 - 7:28 PM
Yeah like I can believe anything they say when they cannot even make their bloated software work correctly. Duh talk to the hand............
Score: 0 By Browser12 posted Sep 25, 2006 - 7:19 PM
Yeah, and your software blows, So whats the point.
Score: 0 By Paul Skinner posted Sep 25, 2006 - 6:55 PM
Good job I use Opera then. 1 Secunia issue in 3 months. Can't get too much safer than that.
Score: 0 By MonacoMan103 posted Sep 25, 2006 - 6:47 PM
They should test IE 7 Release Candidate 7. Its security features can kick Mozilla's any day. Also, one of the reasons IE has so many vulnerbilities is because hackers want to affect as many people as possible so must work on trojans that work with the majority of web browsers (Internet Explorer). Although I do agree Microsoft should act quicker on patching fulnerbilities, Internet Explorer 7 (even though in RC stage) is still the better choice.
Score: 0 By GoodThings2Life edited Sep 25, 2006 - 6:29 PM
You can't patch "stupidity".....
Score: 0 By mjm01010101 edited Sep 25, 2006 - 6:21 PM
Found: 93 Secunia Security Advisories:
Score: 0 By nuttymcb edited Sep 25, 2006 - 6:12 PM
Seriously, it's pathetic that IE is at this level of vulnerability. Yes, it's a given that people will attempt to exploit the most popular browser the most, but the resources behind Microsoft versus Mozilla?
"Firefox flaws are patched in an average of one day after public disclosure." That makes me feel better than being told that there's no safe browser, which is obvious anyway.
Score: 0 By Pensador posted Sep 25, 2006 - 6:04 PM
"This browser is flawless -- you don't need our product anymore".
Score: 0 By 33Nick posted Sep 25, 2006 - 5:29 PM
Good points below.
A- Symantec is in the business of selling security and might we add, buggy software that cannot be uninstalled easily.
B- How many exploits were patched correctly, in a timely manner with Firefox compared to I.E.?
C- This is coming on the heels of more reports on how anti virus softwares makers are losing ground not being able to keep up with the slew of exploits.
Tough market to be in. Good PR stunt disguised in a study.
Score: 0 By Banquo posted Sep 25, 2006 - 5:20 PM
I'd rather have spyware and trojans on my system than that Symantec crap. Fortunately I don't have to have either.
Score: 0 By JustExtreme posted Sep 25, 2006 - 5:16 PM
Well if you're a ****ing pansy a** idiot who clicks on everything then what can you expect.....
Score: 0 By drumcat posted Sep 25, 2006 - 5:10 PM
Symantec is also in the business of SELLING software that can "protect" you. It's not baseless FUD, but it's FUD disguised as a marketing plan.
Score: 0 By crashoverride posted Sep 25, 2006 - 5:03 PM
"Symantec Says There's No Safe Browser"
Oh look the shmucks finally grew a brain.
Score: 0 By bourgeoisdude posted Sep 25, 2006 - 4:58 PM
I can't disagree with that.
"While Internet Explorer remains the most frequently targeted browser, accounting for 47 percent of all attacks, in the first six months of this year more vulnerabilities have appeared in Mozilla Firefox than within IE. 47 flaws were discovered in Firefox, compared with 38 for IE."
As I've said when the numbers were opposite from this--the number of flaws is not the big deal, only the number of unpatched exploits.
Score: 0 By The MAZZTer edited Sep 25, 2006 - 5:37 PM
Let's see how the numbers change when you divide both by the total flaws discovered per browser. This gives you the percentage of browser flaws discovered this month... higher numbers mean more flaws have went UNPATCHED until now. This way you get numbers that actually mean something, although you still have to take time into effect (remember IE6 has been out YEARS longer than Firefox, and thus, ideally, should have had more than enough time to work out any major code problems. Yet we see 38 more have popped up since March).
Score: 0 By DavidRantz posted Sep 25, 2006 - 5:04 PM
Re: the number of flaws is not the big deal, only the number of unpatched exploits.
Score: 0 By junimations edited Sep 25, 2006 - 6:07 PM
I work with tech support, and 50% of my calls have to do with some type of virus or spy ware. People are still ignorant on internet security. It is necessary that those young kids who are aware of these things teach the older crowd what not to click on and what not to do online. Symantec on the other hand is in the business of security and they will do anything to stay in business. They are probably exploiting these flaws and who knows may be even creating some of these Trojans. All you have to do is reverse engineer some of these browsers and you will find many flaws you can exploit.
Score: 0 By bourgeoisdude posted Sep 25, 2006 - 6:38 PM
"I work with tech support, and 50% of my calls have to do with some type of virus or spy ware."
Amen, man! Sadley, "hardware support" basically means there's a bunch of pi$$ed off callers that don't assist customers in removing those 433 spywares and 312 trojans. Format and reinstall? Yeah, we do that