Development in Hacking, Cybercrime and Malaware
Development in Hacking, Cybercrime and MalawareWeb browser vulnerabilities are a serious security concern due to their role in online fraud and in the spread of malicious code, spyware, and adware. Web browsers are security concerns because they are exposed to a great amount of potentially untrusted or hostile content than most other applications. Every year there is an increased reliance on browsers and their plug-ins as the Internet becomes more integral to business and leisure activities. Attacks can originate from malicious websites as well as legitimate websites that have been compromised to serve malicious content. Browsers also facilitate client-side attacks because of their use of plug-ins and other applications in handling potentially malicious content served from the Web, such as compromised documents and media files.
According to recent statistics from late 2009, there was an increase in the market share of Chrome, Firefox, and Safari at the expense of Internet Explorer over the course of the year. Symantec speculates that security concerns may have been a factor in the shifting browser demographics. While it is certain that the increase in the percentage of Internet Explorer 8 users is due to installations of Windows 7, which includes the browser by default, enhanced security is also believed to be a factor in its increased use even as Internet Explorer loses market share overall. The shifting market share should not significantly endanger browsers other than Internet Explorer in terms of attacks in the wild as it is unlikely that a tipping point has yet been reached that will make the development of concerted attacks on other browsers sufficiently profitable to be viable.
In order to reduce the threat of successful exploitation of Web browsers, administrators should maintain a restrictive policy regarding which applications are allowed within the organization. The security of applications should be evaluated on a platform-by-platform basis to ensure that platform-specific security...