Internet Explorer: An Ideal Target for Attackers?

Friday

The title comes from an article from Symantec Security Center.

Given the increase of malicious activity in the current threat landscape, consumers need to be more cautious when browsing the Internet. Web browsers are now supporting an increasing number of technologies. The more a Web browser has to deal with, the more likely a security hole will be inadvertently coded into it. Therefore, it's no wonder attackers are targeting the growing number of vulnerabilities in Web browsers.

Over the last six months of 2006 we have been tracking the distribution of attacks targeting Web browsers. The results show that Microsoft’s Internet Explorer leads with an extremely large margin in the number of attackers targeting it. The primary focus of attacks seems to target ActiveX controls; ActiveX controls are not strictly a part of the browser, but simply provide functionality that can be used by the browser. This brings into question the security viability of Microsoft’s latest version of their popular browser Internet Explorer 7.

Combine this with a zero day exploit and online ads to have the perfect recipe to distribute some trojans and become part of a botnet. Yoepie! No official patch available to solve the issue. So everyone using Internet Explorer is at risk. Only an unofficial one from eEye. (Use at own risk).
Firefox users are not at risk. May it's time to share some of my favorite extensions:

This helps to improve on the security of the browser without losing too much functionality. Of course, you don't have to use Firefox if you don't like it. There's always Opera. It's nice to see that Internet Explorer is not the only one and that Firefox is gaining in popularity.