SecurityThreats

Bromium says IE browser 2x more attacks than others

Bromium report has the information plus a lot more.

Two items of note in the report:

1. the type of exploits occurring in IE, Java and Flash

The security system of the Operating system(ASLR and DEP) was exploited in Zero-day attacks in Internet Explorer(IE).

The new Adobe Action Script feature was exploited in Flash

And in Adobe reader the sandbox master process was bypassed

2. there are good news in the patching of the vulnerabilities.

The IE patches are coming out much faster than before.  From 80 days to 10 or less.

IEdaystopatch2011-13

 

My take on it is Microsoft realizes speed is of the essence in security breaches.

 

although as usual there are a lot of IE vulnerabilities.  As per the latest IBM XPU (34.070) there are 5 IE memory corruption vulnerabilities included in the XPU update.