According to a recent study, approximately 45% of people surfing the Internet were not utilizing the most secure version of their web browser. Like other software, without the appropriate security patches applied, web browsers are vulnerable to attack or exploit. A fully patched web browser can still be vulnerable to attack or exploit if the browser plug-ins are not fully patched. It's important to remember that plug-ins are not automatically patched when the browser is patched.
Traditionally, browser-based attacks originated from "bad" websites but due to poor security coding of web applications or vulnerabilities in the software supporting web sites. Attackers have recently been successful in compromising large numbers of trusted web sites to deliver malicious payloads to unsuspecting visitors. Hackers add scripts that do not change the website's appearance. These scripts may "silently" redirect you to another web site without you even knowing about it. This redirect to another web site may cause malicious programs to be downloaded to your computer. These programs are generally designed to allow remote control of your computer by the attacker and to capture personal information, often related to obtaining credit card, banking information and data used for identify theft.
In April 2012, a leading computer security research laboratory and anti-virus publisher, announced that more than 680,000 web sites had been altered to redirect computers to malicious websites which would attack them in a variety of different ways. The SANS Institute, a computer security research and training organization, recently declared browser attacks to be "Top Cyber Security Menace" for 2012.
It's not just desktop or laptop computers that are vulnerable. As their popularity increases, smart phones such as Blackberries and iPhones may become targets of browser based attacks because of the built in browsers technology and Internet access.
Clearly users must be aware of the issues and take proactive measures. But how?........100% immune high performance browsing environments must be implemented to stop the flood of breaches taking place world wide