So a Browser vendor can detect if you have vulnerable browser plug-in… what's next?

Mozilla reported this about Flash Player:

  • The vast majority of people have an out of date version. One study claims 80% and mozilla.com’s own traffic stats show about 75% of visitors on a non current version.
  • In one week, 10,000,000 people have clicked on the “flash update” link

That's very good news but what's next? Well, I hope ALL browser vendors will do the same.  Extra work for them but it'll help the people especially those who do not care about updating their software at all.  See discussion on such in CoU Forums.

E-mail and Browser are the popular applications… it'll be great if the software vendors of the popular applications in providing extra work (beyond what their product is meant to do).  Your browser and email client allows installation of plug-in and add-on. Detect the bad ones and detect the out-dated too.  That is the next thing we want to see.

Published Fri, Sep 18 2009 5:18 by donna

Comments

Friday, September 18, 2009 12:17 PM by John Dowdell

# re: So a Browser vendor can detect if you have vulnerable browser plug-in… what's next?

That "80%" stat came from a security firm's press release issued thirteen days after a new version of Adobe Flash Player arrived. The stat may have been generally valid for a day or two after that press release over a month ago, but....

(It's great that Firefox checks for the current version, just as many websites do. Player's auto-update defaults to checking for updates every 30 days. Successfully completed daily installations vary depending with release schedules, usually ranging in the 5-18M/day range.)

jd/adobe

Monday, September 21, 2009 10:00 AM by Michael Horowitz

# re: So a Browser vendor can detect if you have vulnerable browser plug-in… what's next?

My javatester.org site uses Java to display the currently installed version and also reports on how old it is. Unlike the Flash player, this only needs to be tested in one web browser.