[Updated: 9/16/2005 7:22PM] Now that Firefox has become the first viable contender to Microsoft Internet Explorer in years, its popularity has brought with it some unwanted attention. Last week's premature disclosure of a zero-day Firefox exploit came a few weeks after a zero-day exploit for Internet Explorer appeared on the Internet. Firefox not only has more vulnerabilities per month than Internet Explorer, but it is now surpassing Internet Explorer for the number of exploits available for public download in recent months.

:source: Source: http://blogs.zdnet.com/Ou/

Mozilla has reacted to a Symantec report issued on Monday which said serious vulnerabilities were being found in Mozilla's browsers faster than in Microsoft's Internet Explorer. The study was conducted over the first six months of 2005.

Tristan Nitot, president of Mozilla Europe, hit back by claiming on Monday that when a vulnerability is found Mozilla's "ability to react, find a solution and put it into the user's hands is better than Microsoft."

He also argued that, according to security company Secunia's statistics, the Microsoft vulnerabilities were more critical, and had been so over a longer timescale. In the period 2003 to 2005 Secunia have issued 22 security advisories regarding Firefox 1.x, and rate it as "less critical". In the same period Microsoft Internet Explorer 6.x had 85 Secunia advisories, and is rated as "highly critical".

Nitot likened the differences between Firefox and IE vulnerabilities as being like injuries: "Which would you prefer, to have a broken finger, or your head ripped off?"

:source: Source: ZDNet UK (http://news.zdnet.co.uk/0,39020330,39219186,00.htm)

He also argued that, according to security company Secunia's statistics, the Microsoft vulnerabilities were more critical, and had been so over a longer timescale. In the period 2003 to 2005 Secunia have issued 22 security advisories regarding Firefox 1.x, and rate it as "less critical". In the same period Microsoft Internet Explorer 6.x had 85 Secunia advisories, and is rated as "highly critical".



That guy is not telling us everything, when he says they are rated "less critical".


See where it says Extremely Critical (//secunia.com/product/4227/)

So there are some that are indeed highly important to fix.

I can't stand IE as much as the next person, but people need to be made aware of these things so they don't float around on this "my browser is safe" bubble.

Edit: From Secunia's website, a bit down the page more:

Breakdown of the ratings (//secunia.com/graph/?type=cri&period=all&prod=4227)

17% haven't even been patched yet.


Complete Breakdown of what the issues affect (//secunia.com/graph/?type=imp&period=all&prod=4227)

Of course none is safe.
And as they get more popular more and more people are going to be finding ways to make it vulnerable.

But firefox's problems are cured within hours or days of when the problem is found, which it could take weeks for microsoft...

So firefox is still safer than IE in my opinion.

Of course none is safe.
And as they get more popular more and more people are going to be finding ways to make it vulnerable.

I don't ever deny, or dispute this.


But firefox's problems are cured within hours or days of when the problem is found, which it could take weeks for microsoft...


That is where my dispute lies. If you look at the facts, this is not completely accurate.

And, people need to be made aware of the updates as more and more users are added.

Symantec: Mozilla browsers more vulnerable than IE :

http://news.zdnet.com/2100-1009_22-5873273.html


Oh by the way I'll take my chances with FF . :)

In that report, it says that Symantec only take into account the flaws acknowledged by the vendor.

There are a further nineteen security issues that MS have to deal with regarding IE, compared to just three for Mozilla.

Maybe next month's article by Symantec will tell an entirely different story.