Share via


Internet Explorer aces security test as Google faces accusations

I mean, I obviously like this article: Internet Explorer aces security test as Google faces accusations as it has a nice quote to start with:

Internet Explorer 9 should be the go-to browser for organizations concerned about protecting machines from malicious downloads, according to a new study from NSS Labs: Microsoft's browser trounced rivals Chrome, Firefox, and Safari in the security company's more recent malware-blocking tests, a significant win considering that traditional malware remains among the most prevalent threats to users

However, I am realistic: I currently feel like it depends on the moon and the stars (and to be fair: the test methodology), which browser is declared the “most secure”. Last week there were reports in the press that Chrome is the best, now it is Internet Explorer. I remember a case about an year ago, where a government agency (because of a vulnerability in IE) recommended to move off IE immediately. Literally a week later, the same government agency (because of a vulnerability in Firefox) recommended to move off Firefox and about two weeks later the same agency (because of vulnerability in Chrome) told the world not to use Chrome anymore – in other words: Stop using the Internet Smile.

Seriously, I know that we invest a lot of work not only on the product itself to reduce the vulnerabilities in our software and make sure – if there is one – vulnerabilities have as little impact as possible. I think we came a long way and our code is much, much better than it was – and to me is better than most (all?) of our competitors. Additionally we know that the Internet Explorer is probably the most attacked piece of software we have as it is the window to the Internet. Therefore it needs additional focus and scrutiny and additional technology like the Smart Screen filter to filter malicious websites. Therefore I am convinced that it is the most secure browser out there but this is a risk management decision everybody has to make on their own.

The only thing I know for sure and which is not negotiable for me is:

Older versions of the browser have to disappear. If you are still Internet Explorer 6, get rid of it. If you are on older versions of Firefox, Chrome, etc. get rid of it. In this context, make sure that you are using a browser, which at least helps you to make this happen. I was recently starting my Firefox again (yes, I look at competitive products as well) and realized that I had to go to HelpAbout Firefox to find out that there are updates available. From a risk perspective this is not acceptable to me. Maybe I could change some options somewhere but this is just a standard installation… Again, a risk management decision.

Happy browsing

Roger

Comments

  • Anonymous
    January 01, 2003
    The comment has been removed

  • Anonymous
    February 10, 2012
    Firefox has had automatic security updates enabled by default since... forever. You just have to use Firefox for more than 2 minutes so you give it time to check the mozilla servers. Also, if you had been on top of things you'd know that Firefox 12 will even remove the need for an administrator account. Firefox 13 will then bring full silent updates without any user interaction at all. Seewiki.mozilla.org/.../Silent_Update Stop spreading FUD. It smells.

  • Anonymous
    March 16, 2012
    Thanks for posting this informative Blog Article. I think that you are absolutely right in saying that people should get rid of old browsers, especially people who are involved in the field of <a href="www.rpjtechnology.com/Media-Transcription">Media Transcription</a>.