Search Perform an advanced search query SOFTPEDIA
 
SOFTPEDIA
Updated one minute ago
HomeSubmit a program for being reviewedAdvertise on our websiteGet help on surfing our websitesSend us your feedbackGet information about our XML/RSS backend and how to use itBrowse the news archiveVisit our discussion forumVizitati forumul in limba romana



KLIP
  1. HOME
  2. SCIENCE
  3. TECHNOLOGY
  4. WEBMASTER
  5. SECURITY
  6. MICROSOFT
  7. LINUX
  8. APPLE
  9. GAMES
  10. TELECOMS
  11. REVIEWS
  12. LIFE & STYLE
  13. EDITORIALS
  14. INTERVIEWS
  15. RSS
Welcome!
Hello, Guest

Login if you have a Softpedia.com account.

Otherwise, register for one.

MICROSOFT

284 Days – The Attack Window of IE in 2006

- Version 6

By: Marius Oiaga, Technology News Editor

An attack window is defined as the period of time between the availability of a zero-day vulnerability and the moment the vendor produces a security update addressing the flaw. During
this time, users are exposed to exploits and have no defense barrier against attacks.

Brian Krebs over at Washington Post has compiled statistics that reveal the attack window associated with Internet Explorer 6 in the past year. Microsoft's Internet Explorer is the dominant presence on the global browser market with a share of approximately 80%, according to data made public by Market Share by Net Applications. In this context, IE users have been exposed to attacks for a total of 284 days in 2007.

"There were at least 98 days last year in which no software fixes from Microsoft were available to fix IE flaws that criminals were actively using to steal personal and financial data from users. Microsoft labels software vulnerabilities "critical" -- its most severe rating -- if the flaws could be exploited to criminal advantage without any action on the part of the user, or by merely convincing an IE user to click on a link, visit a malicious Web site, or open a specially crafted e-mail or e-mail attachment," explained Krebs.

Krebs informed that for 284 days in the past year, Proof-of-Concept and exploit code impacting either zero-day or unpatched critical vulnerabilities in Internet Explorer was available in the wild.

Although Microsoft has delivered Internet Explorer 7 on October 18, 2006, the latest Microsoft browser has not enjoyed an adoption rate that would take Internet Explorer 6 out of the equation. In fact, analytics company OneStat revealed that on November 6, 2006, the global usage share of IE7 was of just 3.06%.

MORE RELATED ARTICLES: Free IE6 VPC Windows XP SP2 = a Microsoft Success Internet Explorer 7 Down – Firefox 2.0 Up PoC Published for Internet Explorer 7 Vulnerability Firefox 2.0 Continues to Grow in the Detriment of IE7 Remove the Search Box from Internet Explorer 7 Upgrade to IE7 Optimized for Google Internet Explorer Sinks Under 80% God Save Internet Explorer The First Internet Explorer 7 Vulnerability Adobe Software and DEP Enabled in IE7
 
Comments | Link here | Subscribe
Print | Send to friend
Today's News | Yesterday's News

Search:

6th January 2007, 10:18 GMT | Copyright (c) 2007 Softpedia | Contact:
Read by 1,299 user(s) | Rating: | 6 vote(s) so far | Cast your vote:
284 Days – The Attack Window of IE in 2006 - USER OPINIONS




We are sorry, there are no opinions available for this article.


SHARE YOUR OPINION ABOUT 284 Days – The Attack Window of IE in 2006

Since you are not logged on, your comments will have to be approved before being displayed.
Click here to login, or register.
Your Name:
Your Email:
Type in the result:
Your Opinion:
 


DO YOU WANT TO CONTACT US?  

If you have some comments or you want to send us some information you can send us an email directly to .
You can use the form below for the same purpose.
Your full name: (at least 3 characters)
Your email address: (at least 5 characters)
Message subject: (at least 5 characters)
Message text:
(at least 10 characters)
Type in the result:
 
 
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and Softpedia™ logo are registered trademarks of SoftNews NET SRL.
Copyright Information | Privacy Policy | Terms of Use | Contact Softpedia | Update your software | Archive