- Tools & Templates
- Security Jobs
- Data Protection
- Identity & Access
- Business Continuity
- Physical Security
- Security Leadership
Internet Explorer and Firefox Vulnerability Analysis Report
For most people, their web browser is central to their interaction with the Internet, connecting to global web sites and helping them consume online services providing everything from booking flights to banking services to online shopping. This reality makes browsers a key tool when evaluating the security experience of users as the browser interprets Web content and programs delivered from around the world.
Over the past few years, there has been much discussion of the need for improvements in browser security, but few hard data studies performed to support assertions concerning the security of available browsers.
I've just finished up and posted for download a vulnerability analysis of Internet Explorer and Firefox, including fixed and unfixed vulnerabilities, that covers roughly the past three years since Firefox first released.
As usual for these, I want to post one chart as a teaser to get you to go look at the full report. In this case, I'm choosing one that looks at alternative upgrade paths. Let's say you deployed Firefox 1.0 and then Firefox 1.5 came out - did you upgrade immediately or did you wait until support for Firefox 1.0 was ending? (... or maybe you're still using 1.0... tsk tsk) Same question for 2.0. Take a look at this chart:
This chart looks at four cases starting back in the Autumn of 2004:
- Firefox 1.0 users that upgraded to 1.5 and 2.0 immediately
- Firefox 1.0 users that upgraded only when support ended
- IE 6 SP2 users that upgraded to IE 7 immediately
- IE 6 SP2 users that did not upgrade to IE 7
So, how do the findings line up with your expectations? Go over to this download page and download the full report to see other findings, including unfixed issues on the latest releases...
Thanks to cloud computing, your business data is everywhere and being accessed by everyone. Making the wrong decision to protect your data can result in high costs, increased risk and executive exposure. View this live webinar on cloud security and the evolving data center, and learn why a data-centric approach to security is the best bet for today's virtual environment.
- Redefine Business Portability
- Prevent Mobile Devices from Loading Dangerous Code
- Expanding Your Security Perimeter: Common Sense for Navigating Today's Threat Landscape
- Fighting Fraud Videos: IBM Intelligent Investigation Manager
- IBM Intelligent Investigation Manager: Online Product Demo
- Webinar: IBM IIM for Fraud, Abuse and Waste in Government