Browser Security News

Modern browsers are much better than their predecessors at keeping your Web activity private and your data safe. Still, you may not have your browser configured to provide optimum security. Take a few minutes to give Internet Explorer 7 and Firefox 2 a safety check.

The new Safari 3.1 includes patches for at least 13 documented flaws, including one that puts Mac OS X at risk of drive-by code execution attacks. Apple has shipped a new version of its flagship Safari Web browser to fix more than a dozen security vulnerabilities affecting both Windows and Mac users.

Microsoft recently released Windows Internet Explorer 8 Beta 1 to the public. While the developer tools and other features are receiving a lot of interest, this release also includes new security features and concerns that require some attention.

It is very common for Microsoft security bulletins to include “Kill-Bits” to disable individual ActiveX controls / COM objects. Here is the final part of our three-part Kill-Bit FAQ.

It is very common for Microsoft security bulletins to include “Kill-Bits” to disable individual ActiveX controls / COM objects. Here is the second part of our three-part Kill-Bit FAQ.

It is very common for Microsoft security bulletins to include “Kill-Bits” to disable individual ActiveX controls / COM objects. Here is the first part of a three-part FAQ we have developed to answer some questions around the Kill-Bit and related functionality.

A proxy server, by definition, is a network service that allows clients to make indirect network connections to other network services like the Internet, giving users the freedom of browsing the Web. The use of certain Firewall/Web filtering applications by some corporations, organizations, universities or countries shows that each is willing to spend a lot […]

Mozilla Corp. bumped up the threat ranking for an unpatched Firefox bug to "high" Tuesday, but promised a fix is coming in Version 2.0.0.12, now slated for release on Feb. The company’s head of security, Window Snyder, confirmed that the browser, when running any of more than 600 add-ons, can be exploited to steal "session […]

A new Trojan program is targeting unwitting users’ bank data by intercepting account information before it is encrypted and sending it to a central attacker database. The Trojan, dubbed Trojan.Silentbanker by security software company Symantec, can intercept online banking transactions that normally are well guarded by two-factor authentication procedures.

Web sites that naively call for user input, then fail to put strict checks on what that input may be, are susceptible to SQL injection attacks. That vulnerability appears to be the cause of up to 70,000 Web pages getting hacked by malicious code between Dec. 28 and Jan. 5..