Although there is an increasing trend for attacks against popular Web browsers, only little is known about the actual patch level of daily used Web browsers on a global scale. We conjecture that users in large part do not actually patch their Web browsers based on recommendations, perceived threats, or any security warnings. Based on HTTP useragent header information stored in anonymized logs from Google's web servers, we measured the patch dynamics of about 75% of the world's Internet users for over a year. Our focus was on the Web browsers Firefox and Opera. We found that the patch level achieved is mainly determined by the ergonomics and default settings of built-in auto-update mechanisms. Firefox' auto-update is very effective: most users installed a new version within three days. However, the maximum share of the latest, most secure version never exceeded 80% for Firefox users and 46% for Opera users at any day in 2007. This makes about 50 million Firefox users with outdated browsers an easy target for attacks. Our study is the result of the first global scale measurement of the patch dynamics of a popular browser.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Baumgartner, K. Storm 2007 - Malware 2.0 has arrived. http://www.virusbtn.com/pdf/conference_slides/2007/BaumgartnerVB2007.pdf.
	2	T. Berners-Lee , R. Fielding , H. Frystyk, Hypertext Transfer Protocol -- HTTP/1.0, RFC Editor, 1996
	3	Jeffrey Dean , Sanjay Ghemawat, MapReduce: simplified data processing on large clusters, Communications of the ACM, v.51 n.1, January 2008  [doi>10.1145/1327452.1327492]
	4	R. Fielding , J. Gettys , J. Mogul , H. Frystyk , T. Berners-Lee, Hypertext Transfer Protocol -- HTTP/1.1, RFC Editor, 1997
	5	S. Frei, T. Dübendorfer, G. Ollmann, and M. May. Understanding the web browser threat. Technical Report 288, ETH Zurich, June 2008.
	6	Frei, S., Dübendorfer, T., Plattner B. Repository of high-resolution browser update dynamics plots. http://www.techzoom.net/risk.
	7	Janco. Browser and OS Market Share White Paper. http://www.e-janco.com/Samples/BrowserSample.pdf, Apr. 2008.
	8	Mozilla Foundation. User-Agent Definition. http://www.mozilla.org/build/revised-user-agent-strings.html.
	9	Net Applications. Browser Market Share. http://marketshare.hitslink.com/report.aspx?qprid=3, Jan. 2008.
	10	Net Applications. Search Engine Market Share. marketshare.hitslink.com/report.aspx?qprid=4, Apr. 2008.
	11	Ollmann, G. User Agent Attacks. http://www.technicalinfo.net/blog/security/20080121_UserAgentAttacks.html.
	12	Ollmann, G. X-Morphic Exploitation. http://www.iss.net/documents/whitepapers/IBM_ISS_x-morphic_exploitation.pdf.
	13	OneStat. Web Analytics. http://www.onestat.com/html/aboutus_pressbox53-firefox-mozilla-browser-market-share.html.
	14	N. Provos, P. Mavrommatis, M. A. Rajab, and F. Monrose. Google Technical Report: All Your iFRAMEs Point to Us. http://research.google.com/archive/provos-2008a.pdf, 2008.
	15	Niels Provos , Dean McNamee , Panayiotis Mavrommatis , Ke Wang , Nagendra Modadugu, The ghost in the browser analysis of web-based malware, Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets, p.4-4, April 10, 2007, Cambridge, MA
	16	Qualys Research Report. Laws of Vulnerabilities. http://www.qualys.com/docs/Laws-Report.pdf.
	17	Secunia. Personal Software Inspector (PSI). http://secunia.com/blog/17/.
	18	TheCounter.com. Web Analytics. http://www.thecounter.com/stats.