Browser bugs, a year-around bite

Sure, we know that Web browsers aren't the safest applications for protecting our PCs against viruses, spyware and other technological malfeasance. But at a U.C. Berkeley research talk given Thursday, an assistant professor of computer science illuminated the problem in numbers.

For people who use Microsoft's Internet Explorer to browse the Web, the picture wasn't good. In 2004, IE was "unsafe" a total of 358 days of the year, meaning that the browser contained a publicly known, remotely exploitable hole for which there was no patch available. That means IE was "safe" only seven days, or 2 percent of the year, according to David Wagner, an assistant professor and well-known cryptography researcher. Wagner's team compiled the data from Scanit and Secunia.

Also, it would take 463 days to install all of the known IE patches to make the browser secure in 2004, according to Wagner's summary data. Thirty-four of IE's bugs were without patches.

In contrast, Opera was "safe" 300 days, or 82 percent of 2004. None of the bugs for Opera's browser went without a patch and it would take 93 days total to fix them.

Firefox scored best. It was "safe" 339 days, or 93 percent of the year. Only two of its bugs went without a patch and it would take 43 days to install its fixes, according to the data summary.

As Wagner said: "Security bugs are rampant." So batten down the hatches.

Close
Drag