Palemoon gets fixes after Firefox as it is and it's going to be tough for them to keep Sync 1.1 and XUL while Mozilla gets rid of them.
Avast forked up its Chrome fork, so flings fix after Google goggles
Antivirus vendor Avast has patched a vulnerability in its very own fork of the Chrome browser. And a good job too: the vuln allowed remote attackers to completely compromise the platform. Avast's SafeZone browser is bundled with its 2016 security products. It's based on the Avastium fork of Chrome, which is of course Google- …
COMMENTS
-
This post has been deleted by its author
-
Friday 5th February 2016 07:47 GMT Anonymous Coward
Bitdefender Safepay?
Does anyone know if Bitdefender Safepay is similarly impacted or at risk of this issue? I always worried about these dedicated browsers after my bank used to warn me that the latest version of Chrome was not being used. I then discovered that typically these "secure" browsers are a version or several behind the official release and no doubt missing subsequent security patches. Lazy bastards.
-
Friday 5th February 2016 08:50 GMT goldcd
Not so much laziness
Just google puts their patch into Chrome and then somebody else has to take that patch and merge it into their fork. Now maybe you could set it up so both branches get the patch simultaneously, but a pain to manage.
Being a "little bit" behind on your version wouldn't be too bad - except when Google announce they've applied a security fix and everybody in Chrome is now safe, it's not the hardest thing in the world to identify where they've applied their fix, and then wander off to see if any popular-ish browsers based on Chromium haven't got theirs yet.
-
-
Friday 5th February 2016 15:16 GMT Ilgaz
Sad
If you remember the first versions of these Eastern European miracles that changed the entire security software scene...
AVG and Avast started as extremely light, focused software which did one thing and did it perfectly. Once large funds and companies started to pour money, they added one bloat after another and became the very Symantec they fought with.
-
Friday 5th February 2016 17:27 GMT Spender
I'm not sure I like this...
... trend of software vendors turning my browsing machine into a bunch of exploitable web-services.
So they make a browser that also has an accompanying service that listens for HTTP requests on localhost for "commands". That's quite a wide attack surface for a "locked-down" browser.
It does make me wonder how safe the spotify client is, given that it operates in a surprisingly similar fashion in order to interact with web-pages.
-
Monday 8th February 2016 02:56 GMT Tree
I hate Google
When Avast! added it's unsafe bloatware browser, I never used it because I don't want to be tracked by Gurgle. Wonder what other problems they have with their insecurity suite.
I do not feel safe, so never bank online. Sorry, Amazon, but rather not put my credit card out there.. Gift cards work better. Too many fools out there to trust my money for the convenience of credit cards online.