Displaying items by tag: Plugins

PatchStack has pushed out a report that shows that a shocking 30% of vulnerabilities in WordPress sites are left unpatched. This is not to say that people are not patching (they are not), but the report illustrates that vendors for plugins are not properly updating their own tools and software to address security issues. WordPress is one of the most popular content management systems available and has a very broad ecosystem of plug-ins, themes, and other bolt-on components to make it even more flexible and usable.

When you think of exploits and hacks two names jump into most security experts’ minds; Flash and Java. These two plug-ins have caused more problems for internet users than just about anything else. When you look for the root cause of many common malware applications (for lack of a better word) you will find that they most commonly get in through one of these two plug-ins with. So when we hear about one of these two finally (and we mean finally) getting an update to cover some of the numerous security flaws we think it is news worthy.

Mozilla has announced that the initial default values on their browser will force Internet users to manually enable plug-ins on every page that uses them. Firefox will therefore block attachments like Microsoft Silverlight, Adobe's Reader, Apple QuickTime, and Oracle Java. As a reason for this decision in Mozilla said they are doing this for improvements of security, stability and performance of the browser.