Security management company Qualys has found that a large number of web browsers run out-of-date plug-ins that open the door to security exploits. This was the conclusion based on 420,000 scans done using the company's free BrowserCheck tool. The problem, according to Qualys CTO Wolfgang Kandek, has to do with the individual updating mechanisms that "make the [security] problem much bigger than it needs to be."

Java was cited as the most vulnerable plug-in; 40 percent of browsers with Java installed were found to be running vulnerable versions of the software. Other worries mentioned include Flash video, Shockwave and QuickTime. The eventual solution, according to Kandek, would be to emulate the integrated patching model found in mobile operating systems--and build the mechanism for updating plug-ins into the browser's own updating system.

For more:
- check out this article at Techworld

Related Articles:
RIM urges BlackBerry users to disable JavaScript amid security vulnerability
Java exploits at all time high, patch if you have not done so
Java exploits reach unprecedented levels, according to Microsoft
Adobe warns: Critical Flash flaw under active attack