Browser Security Test

Ran test in both Netscape and IE

Netscape = No holes.

IE 2 Medium

BillyBob

 

Browser Security Test Results:

High Risk Vulnerabilities 0
Medium Risk Vulnerabilities 2
Low Risk Vulnerabilities 0


ski123

 

Same here - 2 medium with IE. Both are not yet patched and the only suggestion was to disable javascript until a patch is offered.

Thanks Arie - nice link.

 

I tried the browser test without Zonealarm Pro running, found 2 medium vunlerabilities. With Zonealarm running, none were found.

 

No vulnerabilities with Netscape 7. Thanks for the link Arie!

Mike

 

Can't run the test

Hi all, Just joined your group.

I tried to run the test, but got a lot of popups , then my Browser froze. I am running SecureIE. Any ideas?

 

Browser Test

I completed the test and the report sates that I have two major vunerabilities and to get plug ins at Microsoft. I went to microsofr Update and they tell me my Browser is up to date and there is no update required. Whom to beleive ???

 

Internet Explorer 5.5sp2:
IE got stuck at test #19 out of 21 tests. Had to Ctrl/Alt/Delete and 'end task' on the different open IE windows until I got to the one that "unstuck" and closed IE .

Mozilla 1.0.1
(needed to check "open Unrequested Windows" in Edit Preferences Advanced Scripts and Plugins before the test would run)
High Risk Vulnerabilities 0
Medium Risk Vulnerabilities 0
Low Risk Vulnerabilities 0

Netscape Communicator 4.79
- No option to run the test - I got the following message:

=====================copy/paste==================================
This browser is very old. It is at least two versions behind the current. It is not supported by the vendor any more and no patches are provided for security problems. That means that it has known vulnerabilities that cannot be fixed without upgrading. We suggest that you upgrade your browser to a newer version and come back to test it.

 

Good Idea Arie,, Thanks

IE 6sp1 current
Not test available till adshield was disabled.of course.

Might worn people not to use these tests if resources are low !

2 medium with microsoftVM set to medium

1 with microsoft VM set to high
Even though i use sun's vm and its plugins

Lonny

 

Mrs

I am running Windows 98Se and SecureIE with 256 MB RAm., plenty of resources.

 

Lonny,

I hear you about warning people about low resources before running the test.

By the way, it wouldn't matter if you have 256MB ram or 64MB ram with Win9x... system resources are another matter and depend on what other programs you have running in the background.

I had resource meter (C:\WINDOWS\RSRCMTR.EXE) running during the tests and it never registered below 50% system resources. In fact it actrually went back up to around 70% right before IE froze up.

The FAQS on the testing site mention that they can't guarantee that the tests won't "crash" your browser. They weren't specific on what they meant by "crash" but I'm guessing they used the term to include a browser freezeup .

 

Yes memory has nothing to do with recources

My browser went through 2nd test but left four pops from test open --end task--resulted in all ie's closing.

Anyone mind explaining why setting msjava vm to high resulted in only one Medium Risk Vulnerabilities
I though it was talking about scripting near the bottom of security
setting--
People keep telling me ms vm and the scripting settings are two differnt things--arent they interdepedant, ?

PS dont get o technical --please

Lonny

 

If you want my 2 cents:

"2 medium with microsoftVM set to medium "

"1 with microsoft VM set to high
Even though i use sun's vm and its plugins"

In Internet Options, Security tab, when I select EITHER Internet OR Restricted sites, Custom Level button, under Microsoft VM, Java Permissions, I have "High Safety" selected. It makes sense that a high safety setting would be more secure then a mediim safety settting, but you say you use Sun's VM in Internet Explorer? If so, the Java (Sun) option will be checked on the Internet Options Advanced tab, and the Java Plugin applet in Control Panel will have Microsoft Internet Explorer checked on the browser tab.

I'm not sure how the Microsoft VM setting in Internet Options relates to differences you found in the browser test results if you are using Sun's Java in IE.

Setting Java Permissions at "high safety" means that if any website wanted to take more liberties, you would be prompted to give it permission.

If you want more details about Java permissions and Scripting in the context of security settings, look here:

http://www.nwnetworks.com/iezones.htm
...for example:

 

http://www.nwnetworks.com/iezones.htm

Thanks for the link Alice--You'r two cents are always welcome
I had forgot about custom settings for ms VM--
these settings also apply to any sunjavavm also-!
So I assume from you descritption , You also have the sunjavavm & plugins?

Lantakik welcome to WINDOWSBBS,,

SecureIE , Im not familur with this at all,
Could you temporaraly disable secure IE and run the test ?
But that would defeat the pupose..

Someone here will post other site's for browser testing maybe
and try the test link posted here again --to much internet traffic may play a part to.

Lonny

 

Running Netcaptor 7.10 RC1 win 2000, on ADSL, McAfee Firewall 4.0
Also have IE 6.0 all latest patches and updates

The test results indicate 2 High Risk vulnerabilities with Netcaptor, but none with IE 6.0.

Any idea why I would get different results with Netcaptor which I believe is just an addon to IE6, not a completely different browser?

thanks,
Allan