A report from Cenzic as well as the exploitation of Apple Safari, Mozilla Firefox and Microsoft Internet Explorer during the recent Pwn2Own contest at CanSecWest underscore the need to keep bolstering browser security.Web browser developers have responded by tightening security in te face of continued vulnerability to Web exploits.From Microsoft's Internet Explorer 8 to Apple Safari, popular Internet
browsers have taken a bit of a public beating the week of March 16. Even as
hackers continue to focus most of their attention on Web applications, exploits
targeting the browser always make juicy tidbits for black hats.
In Cenzic's
Web Application Security Trends Report, (PDF) released March 18, the vulnerability
assessment and risk management software company found that there was 7 percent
increase in the number of browser
vulnerabilities in the second half of 2008. Microsoft Internet Explorer accounted
for 43 percent of that total, with Mozilla Firefox following closely with 39
percent. Apple Safari and Opera Software's Opera browser accounted for 10 and 8
percent, respectively.
Then there was the Pwn2Own contest. Hosted by TippingPoint, the annual hacking
event at CanSecWest this year saw security on IE, Safari and Firefox all go
down for the count.
With all this as a backdrop, it should be noted that browser security in
general is improving, some researchers said. The past few years have seen an
increasing amount of security
built into browsers, ranging from IE
8's cross-site scripting filter to the sandboxing in Google Chrome, which
Charlie Miller, one of the prize winners at the 2009 Pwn2Own event, said limits
the amount of damage that can be done.
Read the rest of this article on eWEEK.com.
Content Management 
/ 1 
