
Firefox tops list of 12 most vulnerable apps

Discussion in 'News' started by wagnerk, Dec 16, 2008.

  1. wagnerk

    wagnerk aka kitkatninja Moderator


    Firefox tops list of 12 most vulnerable apps

    Mozilla’s flagship Firefox browser has earned the dubious title of the most vulnerable software program running on the Windows platform.

    According to application whitelisting vendor Bit9, Firefox topped the list of 12 widely deployed desktop applications that suffered through critical security vulnerabilities in 2008. These flaws exposed millions of Windows users to remote code execution attacks.

    The other applications on the list are all well-known and range from browsers to media players, to VOIP chat and anti-virus software programs. Here’s Bit9’s dirty dozen:

    Read the rest of the article here.

    Certifications: CITP, PGDip, BSc, HNC, LCGI, PTLLS, MCT, MCITP, MCTS, MCSE, MCSA:M, MCSA, MCDST, MCP, MTA, MCAS, MOS (Master), A+, N+, S+, ACA, VCA, etc... & 2nd Degree Black Belt
    WIP: MSc in Tech Management


    1. tripwire45
      Of course, Firefox only made the top of the list because it was running on Windows. Solution? Run Linux. :wink:
    2. wagnerk
      :lol: You got them there :)

    3. hbroomhall
    4. zebulebu
      So WL Messenger is number 12 on that list - the only Microsoft product to appear at all - and Firefox is number 1? That has to be, hands-down, the absolute stupidest report I'll never bother to read. The following sentence tells all you need to know:

      "Often running outside of the IT department’s knowledge or control, these applications can be difficult to detect..."

      Aaaaaand.... Bull**** detector set to 'on'.

      ANY IT department that lets ANY application run without its knowledge or control is, frankly, not worth the title of 'IT department'. 'Difficult to detect'? Really? With completely free scripts available that can audit your entire 5000 node network in a night?

      Utterly pathetic!
    5. tripwire45
      I'll have to go along with The Register's analysis of the report. The standards used to place apps on the list seem just a tad unrealistic.
    6. kevicho
      I'm not into conspiracy theory here, but who are they trying to impress with this list? Must have an MS renewal coming up.

      For example, on a fresh Windows machine, use IE to browse dodgy sites (without protection), watch the infection rush begin, do the same with Firefox, and the results will be less infection.

      Then use freeware utils from 3rd party companies to clean up the mess (or reinstall if you are lazy)

      As others have said, tight group policies, giving users least permission possible to do their jobs, and make sure workstations are patched in a timely (and pre-tested) fashion using SMS or SUS and your call rate for machines infected with junk should be low.

      This report is just propaganda, and bad propaganda at that.
