Patching powers up security fight

Open source applications, touted as a more secure Web browsing alternative than Internet Explorer - or at least as having fewer vulnerabilities, are about a lot more than grass roots marketing.

Firefox has gained a lot of attention as a secure Web browser; however, new statistics show it is only marginally more secure than Internet Explorer, with half of Firefox's vulnerabilities reported as critical.

This is the finding of Symantec's Internet Security Threat Report released today, which found that of the 21 vulnerabilities recorded in Firefox (Mozilla), eleven were found to be severe. Nine of the 13 vulnerabilities recorded in Internet Explorer between July 1, 2004 and December 31, 2004 were either critical or highly severe.

Symantec Asia Pacific Director John Donovan said security, regardless of what you use, comes back to people power and patching.

"Firefox has a reputation for being more secure but it is just as vulnerable [as others]; 69 percent of the vulnerabilities in Internet Explorer were discovered to be severe and a little over 50 percent relating to Firefox were severe," Donovan said.

"In the last 12 months we also found 37 highly severe instances with Mac OS10 ... the concept of Macs being safer does not hold true as vulnerabilities were found for authentication bypass, and code execution.

"The thing to note is that with any application there will be vulnerabilities so you have to look beyond the technology towards best practice - you have to determine what your patch priority is for deployment and then look at general computer use. Say your organization is running a particular e-mail package and getting attachments and .exe files, you should expect these to be deleted because they don't actually aid in getting work done."

Donovan added that patching, changing passwords and not "opening attachments for the sake of it" would significantly reduce the element of risk and potential harm.

The Internet Security Threat Report also found a steady rise in the number of Win32 viruses and worm variants, finding 7360 new viruses and worms in the latter part of 2004 - an increase of 65 percent compared to the previous six months. The number of attacks per day on individual organizations went up from an average of 10.6 to an average of 13.6 attacks per day.

Donovan said they now see multiple variants of the one virus family, which he puts down to as a malicious-code attacks between various groups as a way to tweak the code to bypass antivirus engines.

"The intention is still there to open ports and create spybots or whatever, but writing viruses to crash systems just for the sake of it is now less of a desirable outcome," he said.

"It is now about controlling a system unbeknown to the user and using that system as a feed to get personal information."

Join the newsletter!

Error: Please check your email address.

More about Symantec

Show Comments