Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: I.E. Unsafe for 284 Days in 2006. Firefox 9 days

__/ [ Jim Richardson ] on Friday 05 January 2007 03:50 \__

> On Thu, 04 Jan 2007 23:40:45 +0000,
>  B Gruff <bbgruff@xxxxxxxxxxx> wrote:
>>
http://blog.washingtonpost.com/securityfix/2007/01/internet_explorer_unsafe_for_2.html?referrer=email
>>
>> "For a total 284 days in 2006 (or more than nine months out of the year),
>> exploit code for known, unpatched critical flaws in pre-IE7 versions of
>> the browser was publicly available on the Internet. Likewise, there were
>> at least 98 days last year in which no software fixes from Microsoft were
>> available to fix IE flaws that criminals were actively using to steal
>> personal and financial data from users"
>>
>> "In contrast, Internet Explorer's closest competitor in terms of market
>> share -- Mozilla's Firefox browser -- experienced a single period lasting
>> just nine days last year in which exploit code for a serious security hole
>> was posted online before Mozilla shipped a patch to remedy the problem"
>>
> 
> 
> Couldn't possible be relevent, Erik assures us that security is a
> binary. That no OS (or by extension, any other block of software) could
> be more or less secure than another.

How many patches might be contributed by the community that has access to the
code and knows the vulnerability/code very well. Once a patch is issued
there's peer review, as well as a large bunch of people running the nightly
and reporting issues that may arise.

Microsoft : Arrogance leads to Vulnerability

,----[ Quote ]
| Chatting with the Microsoft senior sales people, I was struck by
| their incredible arrogance. They know the company?s products are good,
| but they have no qualms whatsoever about charging top dollar as a
| result.
| 
| It reminds us how Microsoft used to behave when it comes to their
| products' security records. IE5 and 6 were nothing short of being
| proper Swiss Cheese with loads of holes in them but hey, they had 95%
| of the browser market at that time and couldn't care less.
`----

http://securityblog.itproportal.com/?p=514

-- 
                        ~~ Best wishes for the new year!

Roy S. Schestowitz      | FreeBSD - sidling with a little devil
http://Schestowitz.com  |     GNU/Linux     ¦     PGP-Key: 0x74572E8E
Mem:    514480k total,   444472k used,    70008k free,    86364k buffers
      http://iuron.com - next generation of search paradigms

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index