X

According to a report in Computerworld this morning, Symantec has said ActiveX controls caused nearly all browser plug-in vulnerabilities in the second half of 2007.


Click to enlarge
The company said that Microsoft’s technology, which is used to create add-ins for Internet Explorer, accounted for some 79 per cent of the 239 plug-in bugs discovered between July and December last year.


In comparison, the next-highest number of flaws was from Apple’s QuickTime, which scored just 8 per cent of the total.


And only one vulnerability was found in a plug-in for Mozilla’s Firefox browser – or about 0.4 percent of all detected flaws.

 
Symantec said that this result was due to several factors, including the availability of tools that hackers use to exploit input vulnerabilities in the controls.

 

The 2006 launch of IE7, which Microsoft claimed was much more secure than its predecessors, hasn’t had much of an impact on the number of ActiveX vulnerabilities, the Symantec report said.


In the second half of 2007, Symantec said it detected 190 ActiveX vulnerabilities, down about 10 per cent from the 210 found in the first six months of that year.

And ActiveX’s problems haven’t improved this year either. In February, for example, a wave of vulnerabilities in several high-profile ActiveX controls prompted the US Computer Emergency Readiness Team (US-CERT) to recommend that users disable all IE plug-ins.

Other plug-ins where Symantec found vulnerabilities included Java (13 flaws detected), Adobe’s Flash (11), Microsoft’s Windows Media Player (4) and Adobe’s Acrobat Reader (1).

PAN1992 MWO Banners LB 728x90px V2 Symantec Says ActiveX Causes Most Bugs
JBHIFI Ampere 728 x 90 media Symantec Says ActiveX Causes Most Bugs
728x90 Symantec Says ActiveX Causes Most Bugs
JBHIFI Pre order Ampere 728 x 90 media Symantec Says ActiveX Causes Most Bugs
Olimpia Splendid Unico Cooling 728x90 Symantec Says ActiveX Causes Most Bugs
Incase LeaderBoard 728x90 Symantec Says ActiveX Causes Most Bugs
BW Trade In 728x90 1 Symantec Says ActiveX Causes Most Bugs
HAR0468 PBOXGO 728x90 Symantec Says ActiveX Causes Most Bugs
ARL0332 Arlo Ultra 2 Banner 2 728x90 FA scaled Symantec Says ActiveX Causes Most Bugs
2231 NEXUS 4SQM Digital Banner Ads Leaderboard 728x90 Symantec Says ActiveX Causes Most Bugs


YOU MAY ALSO LIKE