Flaws In Mozilla Browsers Soar


Hi Sultan......um.....I have to register to read about the security alert?

Flaws in Mozilla browsers soar: study

By Sam Varghese

March 22, 2005 - 11:44AM

The number of vulnerabilities in Mozilla-based browsers has risen sharply in the six months from July to December 2004 in comparison to the number found in the January to June 2004 period, the network security and anti-virus company Symantec says in its latest bi-annual security survey.

Symantec Australia and New Zealand managing director John Donovan said the Symantec Internet Security Threat Report, the seventh such survey, reported that 21 vulnerabilities were found to affect the Mozilla browsers in this period.

In sharp contrast, just one Mozilla vulnerability was documented between January and June 2004; seven were noted in the same reporting period a year ago.

It was also more than the number found in Internet Explorer - 13 - during the July-December period. However, IE had a much higher number of critical vulnerabilities.

Donovan said that as use of the browsers based on Mozilla increased, malicious attackers were bound to look more closely at finding flaws in these browsers.

"The report also notes that there is a marked rise in planned financial attacks like phishing; these use flaws in browsers, so this increase we've noted is only natural," he said.

He admitted that the report had not taken into account the interval between the finding of a flaw in Mozilla-based browsers and the issue of a patch. At times, this has been as little as a day, while Microsoft has often taken well in excess of six months to patch flaws.

Donovan said no flaws were reported in the Apple browser, Safari, during this period. However, there was a marked increase in the number of flaws found in OS X with the company documenting 37 high-severity vulnerabilities in the operating system.

"These vulnerabilities have been confirmed by the vendor, which, in Apple's case, almost always means that the company has released a patch. The appearance of a rootkit called Opener in October serves to illustrate the growth in vulnerability research on the OS X platform. Additionally, multiple remote and local vulnerabilities have been disclosed that affect both the server and desktop versions of OS X," the report said.

With regard to phishing, Donovan said there was a big rise in activity during the six months under study. During the first week of July, 193 new phishing attacks were detected. This rose rapidly, reaching a peak of 584 new attacks during week October 7 to 13. Then things slowed, before climbing again in the final weeks of December, when 558 new phishing attacks were detected.

The report also predicted that a major backdoor would be discovered in a popular application or software repository.

Citing the backdoors that were found in Sendmail and Fragrouter in 2002, and also the attempt to place a backdoor in the Linux kernel in 2003, the report said that it was unlikely that all software distribution points had become completely secure and untainted since that time, or that attackers, both internal or external, had collectively decided not to backdoor software.

"Rather, Symantec feels it is likely that backdoors inserted into software at certain (perhaps stale) distribution sites persist and remain undiscovered. The possibility of backdoor code being slipped into downloadable software bundles continues to remain a very real threat for users of all platforms," the report said.

"The large number of mirror websites and FTP servers hosting copies of applications and packages is especially worrisome. Compounding the problem is that most operating systems rely on regular downloads of updated packages from websites or mirror sites. The authenticity of most downloadable software, such as popular shareware applications, often cannot be verified, particularly as very few closed source vendors or authors provide digital signatures of their packages."

Donovan said another aspect which was worth noting was the rise in the amount of malicious code targeting mobile devices. Some had targeted bluetooth devices, others had targeted devices running the Symbian OS.

On the enterprise front, he said that given the trends, companies should now focus on planning for recovery. "It is more or less inevitable that some kind of attack will happen sooner or later," he said.

Asked if this was not a fatalistic approach, Donovan said he was merely being practical, adding "it is better to plan for the worst."

He referred to the problem posed by some kinds of spyware and adware, where the companies which put out these products objected to them being categorised as such. "We can block them, but we can't name them," he said.

Donovan said there was insufficient data to draw any kind of separate picture for Australia. "We cannot read anything into the fact that the country has dropped down the list from fourth to 14th as far as being a source of attacks goes," he said.

The US was the top country of origin for attacks, accounting for 30 percent of those counted by Symantec during the six months. China and Germany were second, with eight percent each.

The report also found that as far as bot networks went, the UK was the host of the largest number. In the Asia-Pacific region, China accounted for nearly eight percent with South Korea (3), Taiwan (3.1) and Japan (2.6) figuring in the top 10.

A recent report said that as many as a million PCs running mostly Windows XP and Windows 2000 had been compromised.

Donovan said there had been a drop in the number of bot networks, which was primarily put down to the release of service pack 2 for Windows XP.

"Over the first six months of 2004, Symantec analysts observed a persistent increase in the number of computers identified as belonging to bot networks. During this period, the average number of computers identified in daily bot network scanning increased to over 30,000 systems a day," the report said.

"This trend was expected to continue as additional systems were added to these bot networks; however, as shown in figure 7, this increasing trend did not continue through the second half of the year.

"Between July 1 and December 31, 2004, observed bot network computers actively scanning declined from a peak of over 30,000 per day in late July to below 5000 per day by the end of the year. The bulk of this decrease occurred in mid-August with a significant drop on August 19. The timing of this drop corresponds closely with the availability of Windows XP Service Pack 2."

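The report's point about unverifiable mirrors and missing package signatures is the part of this post a defender can act on. As an added example, not code from the article, from Symantec or from anyone in this thread, the Go program below shows the mitigation the report calls for: the publisher signs a manifest of file digests with an Ed25519 key, and the downloader checks both the signature and every digest, so a copy altered on a mirror, or a manifest rewritten to match the altered copy, is rejected. File names, file contents and keys are all constructed for the demo.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"sort"
	"strings"
)

// Manifest lists each file in a release by name and SHA-256 hex digest.
// It is the only artifact the publisher signs; mirrors merely copy it.
type Manifest map[string]string

// BuildManifest hashes every file in a release.
func BuildManifest(files map[string][]byte) Manifest {
	m := make(Manifest, len(files))
	for name, data := range files {
		sum := sha256.Sum256(data)
		m[name] = hex.EncodeToString(sum[:])
	}
	return m
}

// Serialize renders the manifest deterministically (sorted by name) so that
// signer and verifier feed byte-identical input to Ed25519.
func (m Manifest) Serialize() []byte {
	names := make([]string, 0, len(m))
	for n := range m {
		names = append(names, n)
	}
	sort.Strings(names)
	var b strings.Builder
	for _, n := range names {
		fmt.Fprintf(&b, "%s  %s\n", m[n], n)
	}
	return []byte(b.String())
}

// SignManifest is run once by the publisher, offline, with the private key.
func SignManifest(priv ed25519.PrivateKey, m Manifest) []byte {
	return ed25519.Sign(priv, m.Serialize())
}

// VerifyDownload is what the user runs after fetching files from any mirror.
// It accepts only if the manifest signature checks out under the publisher's
// public key AND every downloaded file matches its listed digest.
func VerifyDownload(pub ed25519.PublicKey, m Manifest, sig []byte, files map[string][]byte) error {
	if !ed25519.Verify(pub, m.Serialize(), sig) {
		return errors.New("manifest signature invalid: manifest altered or wrong key")
	}
	for name, want := range m {
		data, ok := files[name]
		if !ok {
			return fmt.Errorf("%s listed in manifest but not downloaded", name)
		}
		sum := sha256.Sum256(data)
		if got := hex.EncodeToString(sum[:]); got != want {
			return fmt.Errorf("%s: digest mismatch (mirror copy differs from release)", name)
		}
	}
	return nil
}

// Scenario walks through publish -> mirror -> verify with a constructed
// two-file release. It reports whether the clean copy, a copy with one file
// altered on the mirror, and that altered copy paired with a rewritten
// (unsigned) manifest each pass verification.
func Scenario() (cleanOK, tamperedOK, forgedOK bool, err error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader) // constructed publisher key
	if err != nil {
		return false, false, false, err
	}
	release := map[string][]byte{ // constructed release
		"tool-1.0.tar.gz": []byte("constructed release archive bytes"),
		"README":          []byte("constructed readme"),
	}
	m := BuildManifest(release)
	sig := SignManifest(priv, m)

	cleanOK = VerifyDownload(pub, m, sig, release) == nil

	// The mirror serves a modified archive; manifest and signature are unchanged.
	tampered := map[string][]byte{
		"tool-1.0.tar.gz": []byte("constructed release archive bytes, modified on mirror"),
		"README":          release["README"],
	}
	tamperedOK = VerifyDownload(pub, m, sig, tampered) == nil

	// The mirror also rewrites the manifest to match, but cannot re-sign it.
	forged := BuildManifest(tampered)
	forgedOK = VerifyDownload(pub, forged, sig, tampered) == nil
	return cleanOK, tamperedOK, forgedOK, nil
}

func main() {
	c, t, f, err := Scenario()
	fmt.Println("clean:", c, "tampered:", t, "forged manifest:", f, "err:", err)
}
```

The design point is that trust rests on the publisher's public key, which the user obtains once through a channel other than the mirror; after that any number of untrusted mirrors can serve the files, because neither the files nor the manifest can be changed without the verification failing.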

Yeah thank you sultan. Apparently we all need to get off the internet and stay off, that is the only way to stay safe. hahaha don't see that happening, so I guess we take all the precautions we can and then................pray

Lol


Get off the internet...the lack of nicotine gave you a lapse in brain function?lol Congrats on that.

As with anything else in life, the more people that start doing/using something the more problems that will arise. In this case it is security in a nice browser.

M


not lack of nicotine giving me brain lapses, its old age and cars

I can't stay off the net any more than you mikex so I guess that I'll get infected sometime and morph into something that Mac dreamed up in his basement

JD


Thanks Sultan for an interesting albeit scary article.

I think as things worsen on all browsers, operating systems, and email too, that maybe security protection services will advance at a greater usage pace. I hope so anyhow.

I still talk to people around town (and this is a high tech metro area!!!) who do not have any security at all, no antivirus, no firewall, no antispyware, no Windows updates etc. I am amazed when they say their computers even still work, though most say they have much slower systems nowadays. I just refer them to my favorite tech support boards, and tell them to get cleaned up and protected fast. Then I worry that they won't bother. Sigh!!! And I worry about their computers passing their "infections/infestations" on to the rest of the internet world. Bigger Sigh!!!

Yes I too pray over this computer every time I turn it on!!!

God bless everyone.

  • 2 weeks later...

thanks sultan haven't i been saying this for the last six months.

the firefox gurus won't want this post aired.

i've already been in trouble over this article.

and it is like most things the more popular it gets, the more it is examined by the attackers.

one of the problems with browsers is when they run into trouble.

how do they fix it when they have to rely on the sys they are attached to

because they don't have a sys of their own.

was there ever a time when netscape had an operating sys.

or have they just produced browsers.

i have regcleaner and in the software section netscape is there but it isn't in any microsoft section on my compt.


I gave him the nickname "linkmaster". I don't know how he does it, but you ask a question over at G4 and he'll respond with half a page of links. I wish I was as quick and on top of things as Sultan is. He seems to always have the latest news on any particular subject.

Good job Sultan, thanks for the heads-up.

one of the problems with browsers is when they run into trouble.

how do they fix it when they have to rely on the sys they are attached to

because they don't have a sys of their own.

The operating system doesn't matter. Vulnerabilities in the browser are local to the browser. Vulnerabilities in the operating system aren't Mozilla's problem.

was there ever a time when netscape had an operating sys.

or have they just produced browsers.

Browsers, Web servers, Internet services, a few other things.

Edited by jcl