Symantec Enterprise Security - page 40 / 97

Symantec Global Internet Security Threat Report

During the window of exposure, administrators and end users need to mitigate the possibility of exploitation by employing current best practices and the best available mitigation technologies. To reduce the risk posed by unpatched browsers during the window of exposure, organizations should subscribe to security intelligence alerting services to track vulnerabilities, mitigations, best practices, and patch information. Intrusion prevention and detection systems, in combination with antivirus solutions, can help repel attacks on the browser. Organizations should actively maintain a whitelist of trusted websites and implement policies to limit access to all other sites. It is important to keep whitelists up to date because of the risk that trusted websites might be compromised to host attacks and malicious software. Organizations can temporarily remove such sites from the whitelist at their discretion to limit the risk to users. Browser security features and add-ons can allow users to block access to certain content such as JavaScript and Flash. This security measure should be implemented when visiting sites that are untrusted or unfamiliar.
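The whitelist control described above, including temporary removal of a compromised trusted site and the rule that active content such as JavaScript and Flash is blocked on unfamiliar sites, as an added example that is not from the report. The host names, the two policy sets and the "restricted" tier are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample policy (not from the report): hosts the organization trusts.
TRUSTED_HOSTS = {"intranet.example.com", "vendor.example.net"}
# Trusted hosts pulled from the whitelist for now because they were reported compromised.
SUSPENDED_HOSTS = {"vendor.example.net"}


def host_of(url):
    """Return the normalized host of an http(s) URL, or None if it cannot be trusted."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    # urlsplit already discards any user@ prefix, so "trusted@attacker" tricks do not match.
    return parts.hostname.lower().rstrip(".")


def matches_list(host, hosts):
    """True if host is exactly in hosts or is a subdomain of an entry.

    Matching on label boundaries matters: a plain substring test would accept
    "intranet.example.com.attacker.test" as a trusted site.
    """
    labels = host.split(".")
    return any(".".join(labels[i:]) in hosts for i in range(len(labels)))


def browsing_policy(url, trusted=TRUSTED_HOSTS, suspended=SUSPENDED_HOSTS, strict=False):
    """Decide (decision, active_content_allowed) for a URL.

    decision is "allow", "restricted" or "block"; the second value says whether
    JavaScript/Flash style active content may run on the page.
    """
    host = host_of(url)
    if host is None:
        return ("block", False)
    # Suspended entries are checked first so a compromised site is blocked even
    # though it is still present in the long-term whitelist.
    if matches_list(host, suspended):
        return ("block", False)
    if matches_list(host, trusted):
        return ("allow", True)
    # Unfamiliar site: either block outright (strict policy) or allow it only
    # with active content disabled, as the report recommends for untrusted sites.
    return ("block", False) if strict else ("restricted", False)


if __name__ == "__main__":
    for u in ("https://portal.intranet.example.com/", "https://vendor.example.net/",
              "https://intranet.example.com.attacker.test/"):
        print(u, browsing_policy(u))
```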

Web browser plug-in vulnerabilities

This metric will examine the number of vulnerabilities affecting plug-ins for Web browsers. Browser plug-ins are technologies that run inside the Web browser and extend its features. Often, these plug-ins allow additional multimedia content from Web pages to be rendered in the browser. They can also enable execution environments that allow applications to be run inside the browser. Browser plug-in vulnerabilities are also used in a range of client-side attacks. Many browsers include various plug-ins in their default installation and provide a framework to ease the installation of additional plug-ins. Plug-ins now provide much of the expected or desired functionality of Web browsers, and some may even be required to effectively use the internal sites of enterprises.

The following plug-in technologies will be examined:

  • Adobe Reader
  • Adobe Flash Player
  • Apple QuickTime®
  • Microsoft ActiveX
  • Mozilla Firefox extensions
  • Java Platform, Standard Edition (Java SE)

In 2009, Symantec documented 321 vulnerabilities affecting plug-ins for Web browsers (Figure 9). ActiveX technologies were affected by 134 vulnerabilities, which was the highest among the plug-in technologies examined. Of the remaining technologies, Java SE had 84 vulnerabilities, Adobe Reader had 49 vulnerabilities, QuickTime had 27 vulnerabilities, and Adobe Flash Player was subject to 23 vulnerabilities. The remaining four vulnerabilities affected extensions for Firefox.

It should be noted that, in 2009, some vulnerabilities fell into multiple categories. For example, the Java SE ActiveX vulnerability [96] counts in two categories, ActiveX and Java SE. This is because there is a version of Java SE that is implemented as an ActiveX control. Similarly, the Firefox plug-in for the Adobe Reader vulnerability [97] counts in both the Adobe Reader and Firefox extensions categories; this is because Adobe has released a version of Adobe Reader that is implemented as a plug-in for Firefox.

[96] http://www.securityfocus.com/bid/34931/
[97] http://www.securityfocus.com/bid/36669
