Channels ▼
RSS

Security

Study Details Usage of Insecure Web Browsers


A study released Tuesday outlines the state of updated and non-updated web browsers in the general web user population, and the picture is, predictably, not rosy.

The study, done by researchers from the Computer Engineering and Networks Laboratory of ETH Zurich, Google Switzerland, and IBM Internet Security Systems, used data from HTTP USER-AGENT headers recorded by Google's logs, as well as data from security firm Secunia.

The researchers found that 16.7% of Firefox users, 34.7% of Safari users, 43.9% of Opera users and 52.4% of IE users were not using the latest and most secure versions of those browsers. The team attributes Firefox's relatively low percentage of outdated browser usage to its one-click method of auto-updating.

While the study clearly shows that browser users don't take responsibility for updating their browsers, it also faults browser makers for not making patches quickly available. Microsoft's practice of releasing patches once per month, for instance, can leave browser users vulnerable for critical weeks, during which exploits can gain a foothold.

Furthermore, the researchers say that their study does not take into account the many vulnerabilities in browser plug-ins that are not reported in USER-AGENT fields, meaning that even some of the up-to-date browsers in the study had security flaws.


Related Reading


More Insights






Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
 

Video