" When Web browsers first emerged as front-end
interfaces to Web-based applications, it was in an era where
application-layer attacks were few and far between. Today, the browser
has become one of the most critical and most used pieces of software on
everyone’s computer. Consequently, it has become the focus of attack.
Despite the best efforts of the computer security industry,
the number of flaws continues to grow; new ones have already been found
in Microsoft Internet Explorer 7, and Firefox is coming under
increasing scrutiny by industry experts and attackers. Browser vendors
are faced with the impossible task of writing flawless code while
hackers only have to spot one error in order to find an attack vector.
The emergence of the "exploits-as-a-service" business, where malware is
sold to organized crime, has helped to increase the cries for better
Web browsers and Web browser security. "
"Web browser security is an ongoing issue because a browser cannot
distinguish between malicious and non-malicious content. The critical
question is, at what point should the browser defer to the user’s
decision to allow particular content, versus blocking it regardless?"
Article Link: http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1250554,00.html
