Nom nom nom.
I recently wrote about switching away from Internet Explorer as a recommendation to users who aren’t technically inclined. As a follow up, here’s an interesting article with some real world examples. The article brings up some good points: not only is it important to keep your browser up to date, but also your plugins. More and more, out of date versions of plugins like Sun’s Java, Adobe’s Acrobat Reader and Adobe’s Flash Player are being exploited.
The two highest rated exploits were “pdf_pack”, which was just patched this month by Adobe, so your reader is likely out of date, and “javad0″, which was just recently patched by Sun… so yes, your Java plugin is likely out of date too. Keeping these up to date is absolutely crucial to your security. Want to see how easy it is for the bad guys to get this kind of stuff? Just Google “javad0″ and you’ll find links to sites offering these exploit packs.
The article uses an actual browser exploit kit, Eleonore. This is the same thing a lot of the bad guys use to hack you. Interesting real world stats on Internet Explorer versus Firefox are included below; these charts contain the version of the browser, then the number of times that browser version has accessed, the number the version was found to be vulnerable, and the percentage. Take a look at Firefox versus Internet Explorer, and the numbers speak for themselves, below the fold.
Firefox (almost 0% vulnerable):
Internet Explorer (8 is 11.68% vulnerable, 6 is 29.67% vulnerable!):
