Most people upgrade the browser first, but often ignore the plug-in security vulnerability. According to Qualys, an information security company, 39% of inspection computers have serious security vulnerabilities related to browser plug-ins.
On the eve of the upcoming online shopping season in Europe and America, Qualys scanned 1.4 million computers for inspection using BrowserCheck and obtained the above analysis results. Browser vulnerabilities are usually used to download malware from victims who browse many websites that are illegal websites.
The Qualys report also states that 40% of all Chrome browser samples have severe security vulnerabilities. Firefox and IE are 35% and 41%, Safari29 %) and Opera34 %) are relatively low. It can be seen that among the three mainstream browsers, Firefox is still relatively secure, while Chrome is not much better than IE, and the overall security situation of the three is very worrying, safari is still far ahead in security.
Of course, the overall security status of Web browsers should be better than that of Qualys, because the computers scanned by Qualys are samples of abnormal problems in user use.
Wolfgang Kandek, chief technology officer of Qualys, believes that browser plug-in security issues are more important than core security software.
In fact, the security of the browser itself is not that bad. Most of the submitted computers are upgraded to the latest browser version, of which 90% of Chrome samples are the latest version, and Firefox is 85%, IE is also available in the latest version 75%. The root cause of the problem is Adobe Shaockwave and browser plug-ins headed by Java and Quicktime .)
For more information about the report, go to the Kandek blog.