Browser Security News

Security exploits still target browser vulnerabilities, but attacks on browser plug-ins and vulnerable third-party controls such as Flash and Acrobat are becoming more common. That means Firefox users need to be as cautious as users of Internet Explorer.

Google Inc. has patched Chrome to prevent attackers from stealing files from PCs running the open-source browser. The update, however, has not been pushed out to most users yet. Google quashed the bug in a developer-only version of Chrome that has not been sent to all users via the browser’s update mechanism.

Mozilla on Wednesday patched 11 vulnerabilities in Firefox 3.0 — and 12 bugs in the older Firefox 2.0 — that could be used to compromise computers and steal information. Wednesday’s update patched virtually the same number of vulnerabilities as the last security upgrade seven weeks ago .

yesterday released the third beta version of Chrome, the browser it introduced nearly two months ago, to fix a single security vulnerability and address several other problems. Chrome 0.3.154.9 will be automatically pushed to current users, said Mark Larson, the browser’s product manager, in a note posted to a Google blog on Wednesday.

Users should wait to use Google Chrome after its vulnerabilities were exposed. Randy Abrams, director of Technical Education at ESET, claimed that as vulnerable code was used users should only use Chrome when they are not viewing sensitive pages.

Opera has released a software update that fixes at least seven security vulnerabilities in the Web browser program. Users may be prompted to update when they first launch the browser. Alternatively, Opera surfers can simply select "Help" and "Check for New Release."

There is no real way to prevent someone from stealing your identity or swiping financial and personal information, unless you have no bank accounts, credit cards or Social Security number.

Mozilla Messaging patched nine security vulnerabilities in Thunderbird yesterday, the first time it has plugged holes in the e-mail software since early May. Thunderbird 2.0.0.16, which was added to Mozilla’s download servers late Wednesday, quashes nine bugs, including one that was patched last week in Firefox, the company’s open-source browser.

The battle for your in-box shows no signs of waning. Despite the efforts of software companies large and small, spammers and phishers continue to find and exploit weaknesses in junk-mail filters at the server and client levels.

The new Safari 3.1 includes patches for at least 13 documented flaws, including one that puts Mac OS X at risk of drive-by code execution attacks. Apple has shipped a new version of its flagship Safari Web browser to fix more than a dozen security vulnerabilities affecting both Windows and Mac users.