[news=http://www.symantec.com/img/util/logo_nav.jpg]I know I'm a FF fanboy but I still laff at the comparison, .
Symantec changes the way it tallies potential security gaps in browsers and concludes that Mozilla Firefox has fewer vulnerabilities.
By Gregg Keizer
Mar 7, 2006 04:16 PM
Symantec has changed how it spells out Firefox and Internet Explorer browser vulnerabilities in reaction to complaints last September from Mozilla Firefox users and developers.
"How we did it before wasn't a fair comparison," said Oliver Friedrichs, the senior manager of Symantec's security response group. "It wasn't an apples to apples comparison."
Previously, Symantec's Internet Security Threat Report counted only vendor-confirmed bugs in the two browsers, which led to gripes from Firefox fans that the Internet Explorer tally was inaccurate, and too low.
In the newest report, which Symantec issued Tuesday, the Cupertino, Calif.-based security company has split the counts into two categories: vendor-confirmed and a combination of vendor- and non-vendor-confirmed flaws.
That gives the edge to IE in one tally, Firefox in the other.
In the last six months of 2005, Microsoft confirmed 12 vulnerabilities in Internet Explorer, down slightly from the 14 in the first half of last year. Firefox, however, sported 13 vendor-confirmed flaws, one more than IE, but also down from the 27 in the previous period.
In fact, when counting only vendor-confirmed bugs, Firefox appears to be significantly more vulnerable than IE over the last 18 months. During that period, the number of Firefox-admitted flaws easily topped 60. In the same period, IE posted fewer than half as many vendor-confirmed bugs.