Tollie's Profile

Member since September 16, 2004

Favorite Files

Recent Posts

  1. Comment - 10 Security Flaws Found in Mozilla

    (Sep 16, 2004 - 12:36 PM)

    This is my first comment to BetaNews. Usually, none of the comments are useful, but are just dumb argueing. However, this time I'd like to comment on the 'browser war' just to try and help some of you out.

    First off, Mozilla browsers are safer mainly due to the lack of ActiveX programs. Most people that mess up their computers with loads of spyware and trojans get it by clicking on popup windows (which Mozilla has been able to block for years, and Microsoft just started doing with Windows Service Pack 2) that subsequently install malicious ActiveX programs.

    But the practical aspects aside, this "news" post was about internal security vulnerabilities.

    From the same security company that reported on the Mozilla bugs:

    Security Adivsories for Internet Explorer:
    http://secunia.com/product/11/

    "Microsoft Internet Explorer 6 with all vendor patches installed and all vendor workarounds applied, is currently affected by one or more Secunia advisories rated Extremely critical ... Currently, 18 out of 59 Secunia advisories, is marked as "Unpatched" in the Secunia database."

    Versus...

    Security Adivsories for Mozilla Firefox:
    http://secunia.com/product/3256/

    "Mozilla Firefox 0.x with all vendor patches installed and all vendor workarounds applied, is currently affected by one or more Secunia advisories rated Moderately critical ... Currently, 2 out of 12 Secunia advisories, is marked as "Unpatched" in the Secunia database."

    ... So there you have it. Besides IE being the most dangerous browser because of ActiveX programs. and besides its 18 unpatched internal security flaws (some extremely critical), Mozilla is still the browser of choice for its lack of depedency on the operating system (mess up the 60MB+ Internet Explorer and you reinstall Windows; mess up the 5MB Firefox and you reinstall it only).

    Switching to Mozilla is still safe, and a better alternative to using Microsoft's Internet Explorer.

    Sigh. Please ignore this comment if you religiously disagree, I won't argue. I just wanted to share some of those numbers from Secunia with you.