IE: 2014's Most Vulnerable Browser
Despite Microsoft's constant efforts to improve Internet Explorer, Bromium Labs named IE the most vulnerable browser in the first half of 2014. According to the study, the popular web browser is the favorite target for hackers, who seem to have a knack for exploiting its vulnerabilities.
Embedded in the Windows installation kit, Internet Explorer is a very popular web browser employed by users from every corner of the world. Unfortunately, this application has a lot of security issues that generally don't go unnoticed by cyber criminals. This allegation is easily confirmed by the large number of security patches released by Microsoft. In 2014 alone, IE released 24 vulnerability fixes, and there are likely more to come.
The report from Bromium Labs shows that most hackers use a type of Zero Day attack called Action Script Spray, which targets Internet Explorer through the Adobe Flash plug-in. Furthermore, a similar attack can be used to bypass the ASLR (Address Space Layout Randomization - a Windows security mechanism that protects against buffer overflow attacks) and progressively gain control of an application. Along with Internet Explorer, the report also mentions another well-known name as being a popular target for hackers: Adobe Flash.
Besides being a huge concern for a large number of Windows users, this report could also indicate the boost of other major competitors on the web browser market: Google Chrome and Mozilla Firefox.
Source: Bromium Labs
