ActiveX biggest source of browser bugs
Readers of this blog will not be surprised to hear that ActiveX problems account for the large majority of security holes in Internet Explorer plug-ins. Greg Keizer writes about a new Symantec report:
ActiveX controls accounted for an overwhelming majority of all browser plug-in vulnerabilities in the second half of 2007, Symantec Corp. said this week in its semiannual Web security report.
Microsoft Corp.’s technology, which is used to create add-ins for Internet Explorer, accounted for 79% of the 239 plug-in bugs discovered between July and December of 2007, Symantec said. The plug-in with the next-highest number of flaws was Apple Inc.’s QuickTime, which had just 8% of the six-month’s total.
Note the statistics for the Firefox browser:
Only one vulnerability in a plug-in for Mozilla Corp.’s Firefox browser was detected in the same period, meaning Firefox’s extensions — the moniker Mozilla Corp. uses for plug-ins — accounted for only 0.4% of all flaws found.
Did you enjoy this post? Why not leave a comment below and continue the conversation, or subscribe to my feed and get articles like this delivered automatically to your feed reader.
Comments
No comments yet.
Sorry, the comment form is closed at this time.