Web Browser Security

Web browsers present a common entry point for intruders into your network. It's fairly well-known that intruders often craft exploits targeted at various browsers, particularly Internet Explorer and more recently, Firefox. Microsoft has done a reasonable job of improving the security of IE over time and Mozilla Organization is quick to release new versions of Firefox that improve security.

But even so, no software is without some sort of bug and someone might eventually find that bug and develop a way to exploit it. It seems as though a contest of skill takes place between application developers and bug hunters. While some bug hunters have benevolent intent invariably other bug hunters are outright malicious. Meanwhile end users are stuck in the middle and security administrators must do their best to defend their networks.

Some companies have shifted from using IE to using Firefox, Opera, or other Web browsers as a means of reducing their overall security risks. Other companies bolster the security of IE through various means, including stricter browser settings, additional registry tweaks, browser add-ons, and content filtering systems that help stop exploits before they reach desktop systems.

How do you mitigate the risks presented through vulnerabilities in Web browsers on your network?