ActiveX controls accounted for an overwhelming majority of all browser plug-in vulnerabilities in the second half of 2007, Symantec said this week in its semi-annual Web security report. Microsoft's technology, primarily used to create add-ins for Internet Explorer, accounted for 79 percent of the 239 plug-in bugs discovered between July and December 2007, Symantec said. The plug-in with the next-highest number of flaws was Apple's QuickTime, which had just 8 percent of the six-month's total. Only one vulnerability in a plug-in for Mozilla's Firefox browser was detected in the same period, meaning Firefox's extensions -- the moniker Mozilla uses for plug-ins -- accounted for only 0.4 percent of all found flaws.

Full story: infoworld.com