Feeds

IE ripe for attack, despite Microsoft claims

Year of living dangerously

5 things you didn’t know about cloud backup

Windows Vista may be "dramatically more secure" than Windows XP but Internet Explorer is destined to remain Windows' Achilles' heel.

Attacks on browsers will continue their inexorable ascent during the next 12 months, despite changes designed to lock out hackers and thwart remote attacks.

A new security report from IBM Internet Security Systems (ISS) blames the increase on the "exploit as a service industry" where material is being increasingly sold using a traditional channel model. Also, half of websites that carry material designed to infect browsers are capable of camouflaging their attack.

The most popular exploit last year was the MS04-013 critical vulnerability that hit versions of Windows dating back to Windows NT and was disclosed in 2004. It is unclear if MS-ITS can still be found in Windows Vista.

ISS's report makes even more troubling reading because Microsoft has given Windows Vista a clean bill of health and it has also taken responsibility for ensuring security with an architecture that shuts out experienced security partners.

That's going to be a problem as ISS notes that even tried and tested security specialists have faced increased difficulty detecting and solving malicious code. Malware has became harder to spot as viruses, rootkits and spyware increasingly blur the lines by borrowing each other's characteristics.

"Categories typically used by the security industry to differentiate standalone protection products will be much less relevant in 2007," ISS said. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
JLaw, Kate Upton EXPOSED in celeb nude pics hack
100 women victimised as Apple iCloud accounts reportedly popped
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
Three quarters of South Korea popped in online gaming raids
Records used to plunder game items, sold off to low lifes
Oz fed police in PDF redaction SNAFU
Give us your metadata, we'll publish your data
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.