A group of researches on Tuesday said 637 million Web users are surfing with outdated Internet browsers and therefore at greater risk of Web-based attacks.

Using data collected from Google Web searches and security firm Secunia, the researchers, Stefan Frei (of ETH, Zurich), Thomas Dübendorfer (Google), Gunter Ollmann (IBM ISS), and Martin May (ETH, Zurich), analyzed the browsers used in a new report (PDF). They did so in an effort to understand why so many recent attacks by criminal hackers have been aimed at the browser, and why those attacks have been so successful. read more here

C NET (http://news.cnet.com/8301-10789_3-9981954-57.html)

:( :confused:

What is a criminal hacker? I only know of blackhats.
Anyhow, I run an outdated browser. It's called Firefox 3 RC 2, because I don't want to put up with how slow the official version is.

Maybe makers of web browsers should release security updates for older versions till the new version is widely accepted. Instead of using security issues as a means of planned obsolescence as they seem to do now.

Maybe makers of web browsers should release security updates for older versions till the new version is widely accepted. Instead of using security issues as a means of planned obsolescence as they seem to do now.

cammin, that would help. But then what would make people upgrade? I think if a person is at risk because of an outdated version of a browser, then they need to take more responsibility and check the settings option that will upgrade automatically.

What kinds of attacks are possible for outdated Internet browsers?

What kinds of attacks are possible for outdated Internet browsers?
Just go here and search for the browser of your choice:
http://milw0rm.com/search.php

One good news for FF3 users that most of the vulnerability (very less compared to IE 6 & 7) is in FF2

I think that keeping their products updated should be a priority for browser developers, because nowadays browsers can be turned into Achile's heel easily if they are oudated. It can be the way in for most evil attackers and the results can get pretty nasty.
Users should also consider the privilleges browsers are run under (if you run firefox as root and it's exploited, it'd have a major impact on your system I'd say).

I'm at risk with FF2 --- NOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO OOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO!


Ok, I'm running Ubuntu -- so I'm not that worried!

cammin, that would help. But then what would make people upgrade? I think if a person is at risk because of an outdated version of a browser, then they need to take more responsibility and check the settings option that will upgrade automatically.

The added features of the new product should make people want to switch to it.
If you're not going to give people an actual choice about upgrading their browsers, then automatic upgrades should be mandatory instead of an option.