digg

Facebook Connect Join Digg About

25 unpatched flaws in Internet Explorer

secunia.com According to this overview by Secunia, Microsoft's Internet Explorer has 25 unpatched security holes. Firefox is doing better, but isn't perfect, with 3 unpatched vulnerabilities (there's a link at the top of the page).

Who dugg this? Made popular Oct 12, 2005

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

48 Comments

show profanity settings
expand all
  • R3dHalo, on 10/12/2007, -1/+2avoid IE like the plague!! Or the avian flu...stupid avian flu
  • geekoid, on 10/12/2007, -0/+1Okay, let's put a little balance here.
    Microsoft Internet Explorer 6.x (Based on ***70*** advisories between 2003 and 2005)

    Mozilla Firefox 1.x (Based on ***25*** advisories between 2003 and 2005)

    Not only has Firefox had one third of the bugs that IE has had, they've also been less severe... Just look at those bar graphs!

  • chileman, on 10/12/2007, -0/+1Huh, I thought the "experts" were saying that IE was more secure than FF. It's hard to trust anyone, they all take it out of context. I know I'm FF all the way since Pheonix 0.3.
  • DarkSideofMoon, on 10/12/2007, -0/+1Question: I work/"learn" in a high school where the sys admin is extremely ignorant and is a hound the MS products... and of course, we all use Internet Explorer as default browser (installed Firefox on my account... through a couple loopholes). What's the best way to coerce a clueless admin to "make his job easier"? God knows, he wouldn't listen to a lowly high school student. Also, the staff at the school is uneducated (irony?) and not willing to listen either. Any ideas?
  • NeilM, on 10/12/2007, -0/+0You know, this is what I like to read. :)
  • wintermute0, on 10/12/2007, -0/+0If MS-IE has 25 unpatched holes, why have we gotten nothing useful the past few "Patch Tuesdays"? -unless you count the malware removal tool that wouldn't be as badly needed if they released the patches
  • icetigaurus, on 10/12/2007, -0/+0firefox* 4lyf (i hate my keyboard)
  • handeyman, on 10/12/2007, -0/+0dont you wish that u could do windows update without IE and dont tell me about windiz cus the microsoft site i must admit is much nicer
  • waddling, on 10/12/2007, -0/+0Ok, IE 6 is how many years old and MS still doesn't have all the holes patched. Gee, can't wait for IE 7 and start all over again. That's it! I'm never putting IE on my Linux machine ;-)
  • zoziw, on 10/12/2007, -0/+0I suppose I should take this opportunity to brag up OS X and Safari but the simple fact is that I haven't had any problems with IE in a very long time.

    I'm not saying the above is acceptable but I haven't had a single issue since well before SP 2.
  • Rain, on 10/12/2007, -1/+1Yay for Opera :)
  • toe_head2001, on 10/12/2007, -0/+020 unpatched, numb nuts.
  • t-readyroc, on 10/12/2007, -0/+0"Eeek. phpnuke seems to be the IE of CMS systems. ;-)"

    You're way off topic, but you're oh, so right.
  • aubrey, on 10/12/2007, -0/+0Interesting site...

    I also checked out postnuke - 0 unpatched of 15 advisories
    http://secunia.com/product/350/
    VS... phpnuke - 18 unpatched out of 21 advisories
    http://secunia.com/product/2385/

    Eeek. phpnuke seems to be the IE of CMS systems. ;-)
  • Mongoose, on 10/12/2007, -0/+0ownage.
  • solidus, on 10/12/2007, -1/+1Oh, oh! I know how to make IE more secure! Yes, yes, um... use Firefox or Opera! Yes, that's it!
  • Tr176, on 10/12/2007, -0/+0The only flaw in IE is IE, but that's just my opinion.
  • icetigaurus, on 10/12/2007, -0/+0Actually it is:
    20 out of 86 Secunia advisories, are marked as "Unpatched" for Internet Explorer 6.x and gets a highly critical rating (4 out of 5)

    vs

    3 out of 25 Secunia advisories, are marked as "Unpatched" for FireFox 1.x and gets a less critical rating (2 out of 5)
  • evilware, on 10/12/2007, -0/+0Well this ain't suprising. I can't believe it isn't more. I am a hardcore firefox user cause it runs so well plus you can optimize it for faster speed.
  • icetigaurus, on 10/12/2007, -0/+0firedox 4lyf
  • sparkmonkeyz, on 10/12/2007, -0/+0he he, 25... i say there is only one flaw with i.e. and that is it is still in existance. ff is the wat to go, i almost never have any problems with it, were wen i ise ie, which is pretty much never now, that is a problem in itself. good digg, i lake any thing that has to put down ie
  • saggygrandma, on 10/12/2007, -0/+025 unpatched.... whats new...
  • flunky02038, on 10/12/2007, -0/+0It still amazes me the way people are shocked about the crappy security in M$ products - just take a peek back to the
    NT days in 1998 and read this quote.

    "Every once in a while, a Windows NT advocate will say, "But, Windows NT is C2 compliant". So, to try to shed some light on this subject, let me say that Windows NT Version 3.5.1 is, in fact, compliant with the Department of Defense's C2 Security specification. However, it is so only when disconnected from a network!"

    Full quote can be found at http://telecom.tbi.net/ntc2.htm

    I rest my case.
  • BugMeNot2, on 10/12/2007, -0/+0Firefox doesn't have crappy security. It's just not perfect. But what is?
  • nocre, on 10/12/2007, -0/+0 Not to lumb myself in with the "mindless zealots" (I often give credit to Microsoft when and where credit is due), I hate Internet Explorer. I hate its vulnerabilities, I hate that its so cemented into the damned OS; hell, I hate its aesthetic.

    That said, this is no surprise. I really couldn't care less about your choice of browser, but I enjoy Firefox. Use whatever you want.
  • MikeWeller, on 10/12/2007, -0/+0Firefox still has 1/9th of the userbase that IE has. I'll wait until they're equal before comparing statistics.
  • D4r7h3v1l, on 10/12/2007, -0/+0secunia is a kknown and respected source.
  • nocre, on 10/12/2007, -0/+0Due to my obsessive compulsions and that I'm somewhat anal retentive, I'm going to double post and annoy you all to fix a couple of misspellings:

    lump*, it's* (the second occurence),
  • neurokaotix, on 10/12/2007, -0/+0This place is getting just as bad as slashdot. Mindless OSS zealots. Here boy, see the linux?... Fetch the linux! Good boy.
  • geoboy, on 10/12/2007, -0/+0Bye bye, xenarchy. Don't let the door hit you on the way out!
  • dbr_onix, on 10/12/2007, -0/+0Erm, doesn't windows need Internet Explorer in some way?

    If your that bothered about vulerabilitys for browsers, use a text-only one.. Theres not many vulns for them anymore..

    Anyway, I'd imagine Microsoft are putting more effort into Vista (And IE7) than their old browser, where as Mozilla only have a few products, and their open source so others can patch them.. It's hardly fair comparison
    - Ben
  • inactive, on 10/12/2007, -0/+0"It's hardly fair comparison"

    Let's pretend that I make car tires among several hundred other items while my competitor only specializes in tires and has more experience in the industry. Would it still be "hardly fair comparison" if someone researching into car safety were to conclude that my tires were 10 times more likely to fail than those of my competitor? No. I would probably catch a lot of flak... and rightly so. There is no excuse for making a ***** tire that puts the user at risk. In fact, didn't Firestone lose/settle in a class action lawsuit for selling ***** tires? Well, they're not diversified like Microsoft, but it still reinforces the fact that you are responsible for the safety of your products.

    It doesn't matter what company makes the software, how many people are on the team that makes the software, or how their methods differ. They should be subject to the same scrutiny because their users are subject to the same harsh environment. If their current situation makes them inefficient it's their own fault. I'm not suggesting Microsoft should be sued because of IE's vulnerabilities... just that they shouldn't be given a break just for being a big lumbering monopoly. Is Microsoft too successful to deal with such insignificant problems? If they can't handle the job anymore they should get their collective ass into gear, get out of the business, or completely restructure and start over.

    For reference, here's a short article about that Firestone problem: http://consumeraffairs.com/news04/firestone_settlement.html
  • inactive, on 10/12/2007, -0/+0It doesn't matter if you are using FireFox or IE because IE is still on your system (well at least most of you).

    Check out this site and remove IE totally and for good(looks like WIN2k ATM sorry XP users)
    http://www.vorck.com/2ksp5.html
  • inactive, on 10/12/2007, -0/+0FireFOX = crap, Opera = Good.

    FirFox is not much better than MS IE. Just because FireFOX makes products with less vulnerabilities than MS IE, doesn't mean they should get away with having more vulnerabilities than Opera. Die! FireFOX! Die!
  • fli7e, on 10/12/2007, -0/+0"firefox* 4lyf (i hate my keyboard)"

    ********Firefox for life (I hate my keyboard).

    Learn to spell or gtfo.

    Back on topic: Does it say how many of these "advisories" were dismissed due to Microsoft not being able to confirm them? My guess is over half.
  • BugMeNot2, on 10/12/2007, -2/+1Look at this.

    http://digg.com/security/HOW_TO:_Make_Internet_Explorer_Secure
  • neurokaotix, on 10/12/2007, -1/+0waddling said, "Ok, IE 6 is how many years old and MS still doesn't have all the holes patched. Gee, can't wait for IE 7 and start all over again. That's it! I'm never putting IE on my Linux machine ;-)"

    Yeah and uh... how old is the ***** mozilla project... old as the hills? Mozilla's bugs are really starting to show now that hackers are finally trying to find them. Mozilla was secure through obscurity. The more attention it gets, the more it's going to raped. Ignorant zealots.
  • tribalsun, on 10/12/2007, -1/+0Opera, 0 unpatched security flaws. I love my Opera :-)
  • Jaesin, on 10/12/2007, -2/+1Opera 8.X - http://secunia.com/product/4932/

    http://www.opera.com/ - 100% Patched
  • thatsiebguy, on 10/12/2007, -1/+0Yawn... so what else is new?
  • rundun, on 10/12/2007, -1/+0those crazy navigator drinking too much!
  • inactive, on 10/12/2007, -2/+0safari? that thing is utter crap.
  • inactive, on 10/12/2007, -3/+1Opera has 0 vulnerabilities, Opera = good, Firefox = Crap
  • inactive, on 10/12/2007, -2/+0FireFox's security is crap compare to Opera.
  • inactive, on 10/12/2007, -3/+1so what, Firefox has crappy security, and people still worshipping it.
  • neurokaotix, on 10/12/2007, -3/+0linsys ranted, "Ummmmm yea becuse POSTING THE SOURCE CODE ON THE INTERNET is somehow "obsecurity" to you.... good job... you must work for microsoft. "

    The obscurity (not "obsecurity" you dolt) is them still be underground in the big picture of things (it's called market share). Now that they are gaining more market share, their exploitable code is being found in the multitudes. Good job... you must not work for anyone.
  • inactive, on 10/12/2007, -4/+0Opera has 0 Vulnerability. Firefox = Crap, Opera = Ownage.
  • inactive, on 10/12/2007, -5/+0Opera has 0 Vulnerability. Firefox = Crap, Opera = Ownage.

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.