Browser Alternatives Are No Guarantee of Security

March 8, 2008 – 4:12 PM

If you use an alternative browser–Firefox, Opera, Mozilla, or anything not named Internet Explorer–you may be feeling pretty smug these days. Every time you hear about another patch for IE or about another way hackers use that browser to attack unsuspecting Web users, you think to yourself, “I don’t have to worry.”

Well, think again. The fact is, alternatives like Firefox have security problems of their own. And even if you don’t use Internet Explorer for your everyday browsing, you still have to keep it patched: Those ever-creative hackers have found ways to enter your system through Firefox, and then exploit IE.

If you grabbed your copy of Firefox or Mozilla a few months ago, you’re at risk. Programmers have discovered at least 28 holes in Firefox since January 1. The Mozilla browser shared 27 of those problems with Firefox (click here for details). You must install a new copy of the browser. Use Secunia‘s tool to see whether your browser is vulnerable.

The right piece of malware could trigger older versions of Mozilla or Firefox to launch programs at will or to read data from the browser cache out of memory, threatening your privacy by exposing your browser history, search queries, and possibly passwords.

Opera has released security fixes this year, too, though fewer than Mozilla and Firefox. To get more details, click here.

Merely patching your alternative browser isn’t enough. Security researchers recently discovered an exploit that uses the browser plug-in Java to worm its way through Firefox to get to IE. It then uses IE to launch a blizzard of pop-ups.

That means you have to keep up-to-date on all those IE fixes you thought you could ignore. And you have to make sure that any browser add-ons such as Java are secure. (If you don’t know which version of Java you have, click here; and pick up the latest version from Sun here.)

It’s tempting to think that using an alternative browser is like going back to the early days of the Web, when you didn’t have to worry about safety. Sadly, those days seem to be gone forever.,aid,120768,00.asp

You must be logged in to post a comment.