Topic: "Most Vulnerable Windows Applications in 2008" (page 1 of 1)

1
Author Post
alt3rn4tiv3
groupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmaster
[x-posted to hackquest, net-force and my blog]

yeah yeah. the year hasn't ended yet, but we've already got stuff like the top cybercrimes, top swimsuit design, top hot model, yada yada.
bit9 came up with the year's top vulnerable applications on the windows platform and guess who tops the list?
.
.
.
.
.
.
.
foxy! yeah. firefox, with 10 critical vulns that "allows hackers to gain control of your computer and steal passwords".
see the whole thing here - http://www.bit9.com/files/Vulnerable_Apps_DEC_08.pdf
Edited by alt3rn4tiv3 on 16.12.2008 17:20:02
private message EMail Website
quangntenemy
groupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmaster
Not sure but I heard there's a critical IE bug still roaming around too lazy to look into it :D
private message EMail Website
Dent
[none yet]
I use two of the applications listed. So is there any replacements for MSN Messenger and Adobe Flash?
private message
alt3rn4tiv3
groupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmaster
as discussed with rhican in net-force, this document should not be taken seriously. can you believe that safari is listed as a popular application on the windows platform? and internet explorer is totally left out?
private message EMail Website
Dent
[none yet]
If MSIE isnt there I wouldnt trust that list but I am looking for a replacement for MSN Messenger if that exists.
private message
Towley
groupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmaster
Of course the most used applications are those who are targeted by most "security researchers".

To name some other popular apps:
There have been mutliple buffer overflows fixed in Opera lately,
Microsoft Word has similar issues currently,
libpng is/was also vulnerable to some issue....,
the list continues...

What i like about firefox (and windows maybe) is the auto-update thingy.

BTW: There are techniques that help applications to defend against security threats and just to name a few things:

- (On OS basis there should be stack randomization)
- as user you should avoid using root/admin account
- use NoScript Plugin for Firefox

PS: Lately some helpful person proposed to abonnement security RSS Feeds. I really can recommend that. I am using Opera to do mail stuff pop3/smtp, and it works not too bad with feeds either.

Merry Christmas to all
Towley
private message Website
devnull
groupmastergroupmastergroupmastergroupmastergroupmastergroupmastergroupmaster
what about pidgin as a replacement for MSN messenger
private message EMail Website
Dent
[none yet]
Thanks for the tip. Ill try Pidgin.
private message

Topic: "Most Vulnerable Windows Applications in 2008" (page 1 of 1)

1