News

Opera Beats IE in Browser Web Security

Microsoft's efforts on combating server-side Web vulnerabilities, as well as patching its Internet Explorer client, may be paying off.

A report from application security firm Cenzic, announced this week, looked at various Web security issues in the first half of this year. Vulnerabilities in the top four browsers was one focus the study, "Web Application Security Trends Report: Q1-Q2, 2009" (PDF download).

The report found IE placing fairly well. It was second only to the Opera browser in protecting against Web vulnerabilities.

"Of the browser vulnerabilities, Firefox had 44 percent of the total, but perhaps the biggest surprise was Safari, which formed 35 percent of the browser vulnerabilities. Internet Explorer was third, with 15 percent, and Opera was at 6 percent," the report noted.

Mozilla's Firefox clocked in as the most vulnerable browser on the Web, according to Cenzic's report -- a disappointing showing for IE's closest rival. Firefox reportedly has an estimated 330 million users and recently passed its fifth anniversary, having been launched on November 9, 2004.

Internet Explorer is still the most used browser, followed by Firefox, Apple Safari, Google Chrome (which Cenzic didn't study) and Opera.

In addition to looking at browser security, the report pointed to other areas of concern. Cenzic found that 78 percent of the total vulnerabilities were due to Web components. Web component vulnerabilities have increased compared with such findings from last year's report.

Microsoft at least seems somewhat attuned to the issue. A large theme in Microsoft's September patch cycle had to do with plugging such Web component vulnerabilities.

Cenzic also found bugs in Web servers, browser plug-ins and Microsoft's ActiveX control. ActiveX has been another priority for Microsoft's security team, which issued a security advisory on the matter in July.

The most striking thing about the report's findings is the broad apathy shown on the part of enterprise pros to addressing emerging threats on the Web, according to Mandeep Khera, chief marketing officer at Cenzic.

"In spite of the fact that vulnerabilities are so easily identifiable and widely exploited by hackers -- and there are now low-cost, turnkey SaaS solutions available -- businesses are not focused on securing their Web applications," he said in an e-mail statement. "[The vulnerabilities] are a serious and potentially lethal blind spot for businesses."

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

  • Sync Issues Can Arise for PCs with Poor VPN Connections

    Microsoft this week reminded IT pros that PC connections through virtual private networks can sometimes lead to time synchronization issues, possibly causing reduced functionality for end users.

  • HoloLens 2 Borrows Its Killer Feature from Windows

    Turns out the secret to the HoloLens 2's success has nothing to do with holograms.

  • Microsoft Simplifying VPN Configurations for Its Video Streaming Services

    Microsoft this week announced that it is working on a more simplified way for an organization to leverage local end user Internet connections when accessing Microsoft Stream and Microsoft 365 Live Events video feeds.

  • Microsoft Previews MSIX App Attach for Windows Virtual Desktop

    Microsoft this week indicated in an announcement that the MSIX App Attach capability in the Windows Virtual Desktop service can now be tried via a preview of the Windows 10 Enterprise Multisession operating system.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.