Browser Security

Microsoft put out a patch for many versions of Internet Explorer today, and Opera has put out version 9.63, both to fix vulnerabilities.

So here are some general guidelines to remember for safe browsing.

All browsers have bugs. This is a more specific version of "all software has bugs." Browsers are giant and everyone uses them. If you're reading with a browser now, it has vulnerabilities. The only question is how many of them you know about.

Different browsers have different bugs. The bad things that can happen to you with one browser can be entirely different than with another.

Different browsers may have the same bugs. There is a lot of cross-pollination between browsers. And a browser that runs on multiple OS's could have the same vulnerability across all platforms.

Updating frequently is generally better. Bug fixes sometimes introduce new vulnerabilities, and new features are especially ripe. Still, newer usually beats older.

Watch the plugins. A compromised plugin is usually the same as a compromised browser. Keep the number small.

Don't go there. It's easy to say "stay away from shady sites." With ad networks being co-opted, though, this can be pretty hard to do. Still, you can make yourself be less of a victim by browsing reputable sites.

And some specific guidelines:

Internet Explorer: If you are on Vista, use sandboxing, and avoid the plugins that cause you to have to leave it. Sandboxing means an attack on the browser is less likely to lead to an attack on the rest of your system. The sandbox isn't perfect, but it's better than nothing.

Firefox: Use NoScript. Don't get complacent; as Firefox becomes more popular, attacks on it will rise.