Browsers are the gateway drugs of internet security: they give users direct access to millions of potentially malicious websites with payloads targeting deeper vulnerabilities. Between phishing scams and socially engineered malware attacks, there's no lack of threats available online. With browsers giving users access to everything outside the protected network, users can inadvertently expose the network to malware or other threats. Most employees depend on browsers for their productivity, whether it be for email, project management, or other required applications. In many cases, the browser has become the first line of defense.
Whether because they are more targeted, or just inherently more insecure, web browsers now have more vulnerabilities than the operating systems they run on. In 2012, the National Vulnerability Database listed 454 vulnerabilities for the top five web browsers, 36 more than all operating systems combined. Since the bulk of exploits target known vulnerabilities, it is vitally important to keep all the web browsers on your network up to date. According to SOPHOS, "90% of attacks can be prevented with an existing patch". Microsoft, Google, and Mozilla are releasing patches for known vulnerabilities on a regular basis. Just in February of this year, Microsoft released patches that fixed 14 different vulnerabilities. These patches are making browser exploits harder and harder to find, even for those who get paid to find them.
ControlsInsight provides detailed information on your coverage of these potentially huge security holes. Once you're logged into ControlsInsight, you can get an instant view of your coverage:
When you click on "Assets with Firefox up to date", you will be taken to Deployment and Coverage Details which includes steps to apply updates across your network, plus a list of assets that are currently out of date. You can even see the exact version installed on each asset:
By following the deployment procedure, you can keep your users' browsers up to date and prevent the majority of attacks. That decrease in risk will be reflected in an improved grade in ControlsInsight.