Old Browsers and security - Was Re: [thelist] Site review please
Dave Holloway
daveholloway at spamcop.net
Wed Jan 28 12:28:11 CST 2004
Hassan Schroeder wrote:
> So you're going to tell someone using NS4 on Solaris that they're
> "less secure" than someone using IE-what-ever on Windows?
>
Yes.
It doesn't matter what operating system you are using. If an old browser
has a known vulnerability, for example: a vulnerability that allows
processes to be run on your local machine, it is open to the
vulnerability until the browser is upgraded, regardless of OSs,
firewalls, web proxies, and routers.
These bugs don't launch remote processes.. but they are still security
flaws.. Newer browsers will have patches to fix them.
https://testzone.secunia.com/advisories/7605/
http://cert.uni-stuttgart.de/archive/bugtraq/2000/03/pgp00019.pgp
> OK. Yeah. [ Cue laugh track... ]
Ha.
Little Dave.
More information about the thelist
mailing list