Slashdot Mirror

← Back to Stories (view on slashdot.org)

Browser Vulnerability Study Unkind to Firefox

Posted by ryuzaki0 on from the still-beats-IE-on-my-linux-boxes dept.

Browser Buddy writes "A new Symantec study on browser vulnerabilities covering the first half of 2006 has some surprising conclusions. It turns out that Firefox leads the pack with 47 vulnerabilities, compared to 38 for Internet Explorer. From Ars Technica's coverage: 'In addition to leading the pack in sheer number of vulnerabilities, Firefox also showed the greatest increase in number, as the popular open-source browser had only logged 17 during the previous reporting period. IE saw an increase of just over 50 percent, from 25; Safari doubled its previous six; and Opera was the only one of the four browsers monitored that actually saw a decrease in vulnerabilities, from nine to seven.' Firefox still leads the pack when it comes to patching though, with only a one-day window of vulnerability."

3 of 253 comments (clear)

  1. Version? by in2mind · · Score: 5, Interesting

    The ARS Technica doesnt mention the version for any of the browsers they mention.When they say 47 bugs were discovered for Firefox ,which version are they talking about? 1.5? 1.7? 2.0 Beta? Same for IE. 6 or 7?

    --
    Wincopy
  2. What do the numbers even mean? by Chris+Burke · · Score: 5, Interesting

    The article says that their numbers come from Symantec's security threat report, but where does Symantec get their numbers from? Obviously to count a vulnerability, they have to know about it. Are they only counting ones they have verified, any that have been publicly announced, do they do their own research? Are we counting all the vulnerabilities that appear in bugzilla? Are we not counting the vulnerabilities that MS knows about but hasn't made public?

    I can't really say, but to me it looks like exactly what I would expect from an open source system: More publicly known bugs (not necessarily more or less actual bugs), and a faster turnaround time on bugs.

    --

    The enemies of Democracy are
  3. ActiveX by AnalogDiehard · · Score: 4, Interesting
    ActiveX is IE's major vulnerability to drive-by downloads, covert spyware/adware installs, and malicious attempts to take over your computer. Because IE is the dominant browser, it is the target of most malicious coders.

    Firefox may have more vulnerabilities, but none of them are as dangerous as the ActiveX server in IE. The numeric comparision in TFA is not even half the truth.

    M$ won't patch a vulnerability IE overnight - but look how fast they patched a hack to their WMP DRM.

    --
    Eternity: will that be smoking, or non-smoking? I Corinthians 6:9-10