NOW READ THIS
("Security Advisory")
Submitted by: Bill Hickey
NCVA List Master
NRT-0478 Buggiest Browser Plug-ins:
ActiveX controls accounted for an overwhelming majority of all browser plub-in vulnerabilities in
the second half of 2007, Symantec said this week in its semi-annual web security report.
Microsoft's technology, primar8ily used to create add-ins for Internet Explorer, accounted for 79%
of the 239 plug-in bugs discovered between July and December 2007, Symantec said. The plug-in with
the next-highest number of flaws was Apple's QuickTime, which had just 8% of the six-month's total.
Only one vulnerability in a plug-in for Mozilla's Firefox browser was detected in the same period,
meaning Firefox's extensions - the moniker Mozilla uses for plug-ins - accounted for only 0.4% of all
found flaws.
(IDG News Service 11APR08)