|
|
|
|
|
|
by mattnewton
669 days ago
|
|
|
The bar for chrome was IE at the time, and it beat that. I think it’s also partly Google’s very open culture on CVEs that means they are discovered and reported on promptly. It’s difficult to tell how much it’s just increases awareness that browsers are full of holes and whether the holes are increasing in size/frequency tbh. |
|
|
I would say there were three trends that happened at the same time that really made a difference:
- People now actually update their web browser, and yes, started to ignore the browser vendor that wasn't shipping them (IE). Driveby download exploits started to disappear.
- Flash and Java went from enabled by default to prompt-first. Flash was later abandoned, and IcedTea-Web / Java Web Start had its core functionality gutted in later Java versions.
- No support for ActiveX at all, unless you wanted to go for IE Frame (Chrome and IE tabs under a Chrome interface) or Chrome Frame (IE and Chrome tabs under an IE interface), which quickly faded into corporate Intranet obscurity
All three saved us from a much worse future.