Security By Obscurity Doesn't Work Anymore
Case in point: We have no IE bugs to report this month, but both Firefox and Safari have been hit hard.
So forget the idea that just because you've switched to a new browser, you're magically safer. You may be for a time, but to stay safe with any software, you need to keep current with fixes.
In a somewhat dubious recognition of Firefox's growing popularity, hackers have focused their attention on it, leading to a rash of newly discovered holes. The folks at Mozilla recently released two Firefox updates in less than six weeks, fixing a total of five critical security vulnerabilities. All five can be exploited by planting a poisoned JavaScript file in a Web site and waiting for you to stumble across it.
Mozilla and Apple seem to be doing a good job releasing patches to deal with the security holes as they appear, but the article also mentions a particularly nasty way to pick up a Safari virus: If you forget to uncheck a box during an iTunes update, Apple is going to give you the Safari browser whether you want it or not. And if you don't update it because you don't know you have it, you won't receive the patches they release to protect their users from such attacks. And no snickering from IE users, please; hackers have just turned their attention to attacking MS Office instead of the browser. Be careful out there, people!