Online security website OneITSecurity recently interviewed Charlie Miller, second-year Pwn2Own contest champion, and he shared several interesting insights on browser security – especially with the use of Adobe’s Flash plugin. In Pwn2Own, a contest held in CansecWest Conference, participants are offered a reward for finding vulnerabilities in popular software and operating systems.
Charlie’s interview is particularly relevant with the recent headline mentions of Adobe Flash with Apple’s refusal to make Flash work with their popular iPod, iPhone, and now iPad products, citing its instability and poor security. Microsoft, in its most recent Security Intelligence Report, pointed to Flash was as the most commonly exploited browser vulnerability in the first half of last year.
Charlie seems to share the same view, citing security issues as evidenced by the long list of security patchesalone this past few months. His tip? Use Microsoft IE 8 on Windows 7 without Flash to be as secure as possible. If you can’t avoid using Flash, make sure you are using the most up-to-date version with all security fixes and patches applied.
Too busy to do it yourself? Get in touch with us and we can do it for you as one of the many tasks we take care of with Managed Services.