Click here to receive your FREE subscription to Campus Technology
News
IE Is Least-Patched Browser, Report Says
7/8/2008
|
|
According to a report released last Tuesday, more than 40 percent of Internet surfers don't use browsers with up-to-date security patches--and Internet Explorer users are the biggest culprits.
The report, "Understanding the Web Browser Threat," was conducted by researchers at ETH Zurich, Google Inc. and IBM Internet Security Services. Its main assertion is that Web browsers -- such as IE, Firefox and Safari -- are often the weakest link in the security configuration of a given workstation.
IE took hits throughout the report, which claimed that the gestation time between Microsoft patch releases is too long compared to similar programs from Apple and others. In fact, according to the report, IE came in dead last in terms of security, with only 47.6 percent of its users having the latest security patches.
The report's authors wrote: "Considering that Microsoft offers Internet Explorer 7 as an auto-upgrade from Internet Explorer 6 as part of the monthly Windows updates and that it requires a manual patch to prevent upgrading to version 7, it is rather surprising to see how slow the migration to the most secure version has been."
Firefox came in first place, with 83.3 percent of its users having the latest version. Apple's Safari and the open source Opera came in second and third, with 65.3 and 56.1 percent of its users, respectively, running the latest versions.
But, as with many such reports, there are those who were quick to question the findings and defend Microsoft's position in the security space. In particular, Microsoft Software Security Software Engineer Robert Hensing took issue with the way the data on IE was gathered, arguing that the method could not have produced the results stated in the report.
"I can appreciate what [the report's authors] are trying to do -- and I believe they were probably trying to be as un-biased and scientific as they possibly could given the nebulous goal of the study, but it was, unfortunately, full of fail," he wrote in his blog on Tuesday, soon after the report's release. "What they seem to have done is combed the Google logs looking at the user-agent strings...The only problem? IE doesn't send minor version information, so there's no way to determine IE patch levels from the user-agent string. Oops."
Recommended Reading
- Tufts Grants Rights for Mileage-Increasing Transportation Technology to Electric Truck
Tufts University has optioned rights to a technology that can recharge the batteries of any hybrid electric and electric-powered vehicle while it is driven. The Tufts-developed technology could increase by 20 percent to 70 percent the miles per gallon or total driving range performance of vehicles like the Honda Civic, Ford Escape, and Toyota Prius hybrids and the Tesla Motors and Phoenix Motorcars electric vehicles.
- U Florida and Cyntellect Collaborate to Unlock Mysteries of Cancer Stem Cells
The University of Florida has entered into a research agreement with life sciences company Cyntellect. The university's Interdisciplinary Center for Biotechnology Research will work with the company to focus on a variety of research areas including the purification and analysis of cancer stem cells (CSCs), rare cells believed to be directly involved in propagating cancers.
- George Mason U Receives Grant To Deploy Intergraph Apps for Intelligence Curriculum
George Mason University (GMU) in Fairfax, VA has been awarded a grant from Intergraph to enable students enrolled in GMU's Geospatial Intelligence Graduate Certificate program to use the company's geospatial production and exploitation software as part of their core curriculum.
- Institute for Cyber Security at U Texas, San Antonio Opens Incubator
The University of Texas at San Antonio (UTSA) Institute for Cyber Security (ICS) has launched a new Internet security incubator. The incubator was developed to commercialize promising technologies that address major cyber security and privacy issues. The first companies to enter the incubator are Denim Labs and SafeMashups.
- ISO/IEC Publishes Office Open XML Standard
ISO/IEC has published the Office Open XML (OOXML) file format standard, formally known as ISO/IEC 29500:2008. It describes file formats originally designed by Microsoft for its Office 2007 productivity suite, which are used in presentation, spreadsheet and word processing applications.
- Dynamics NAV 2009 ERP Coming Next Month
Microsoft exec Kirill Tatarinov Wednesday described some new features to expect in the forthcoming Microsoft Dynamics NAV 2009 enterprise resource planning solution. He gave the keynote address at Microsoft's Convergence 2008 event in Copenhagen, Denmark.
