Wednesday, January 31, 2007

Goodbye IE. I wish I'd never met you.

An interesting article that puts some of the browser vulnerability in perspective. Granted, the story is only dealing with IE6, so I imagine that IE7 on Vista will be marginally better in terms of security. Funny, that's pretty much the same story we heard about WinXP SP2, wasn't it?

Boiling the article down into one, easy to understand statistic:

Number of days in 2006 your computer could be completely p0wn3d through no fault of your own on a completely patched computer because of the browser you are running:

IE: 284 days
Firefox: 9 days

Why are we unable to convince US management that this piece of software is just too dangerous to use? And yet, it is not unheard of to have an organization bolt down the use of gTalk for security reasons, although I've yet to hear of a single exploit going through the system. I imagine that what they are really irritated about is that the jabber back end uses TLS to provide encrypted connections that they can't look into.

Have you found evidence of a gTalk exploit? An article somewhere? Please post a link if you have.

Internet Explorer Unsafe for 284 Days in 2006 - Security Fix

No comments:

Post a Comment