Microsoft today published a report that evaluates the security performance of Internet Explorer and Mozilla Firefox through a detailed comparative look at vulnerabilities. The “Web Browser Vulnerability Analysis” report finds that over a period of three years, Internet Explorer proved to have fewer vulnerabilities than Mozilla Firefox. The report research, conducted by Jeff Jones, Security Strategy Director in Microsoft’s Trustworthy Computing group, examines in detail the volume and severity of vulnerabilities in the two browsers and includes these key findings:
• Microsoft has fixed 87 total vulnerabilities (across all supported versions of Internet Explorer) while Mozilla has fixed 199 vulnerabilities in supported Firefox products
• Internet Explorer experienced a lower volume of reported vulnerabilities across all categories of severity (high, medium, low)
Microsoft quitely announced the findings via the IE Blog.
View: Jeff Jones Report
View: Microsoft IE Blog
• Microsoft has fixed 87 total vulnerabilities (across all supported versions of Internet Explorer) while Mozilla has fixed 199 vulnerabilities in supported Firefox products
• Internet Explorer experienced a lower volume of reported vulnerabilities across all categories of severity (high, medium, low)
Microsoft quitely announced the findings via the IE Blog.
















*hides*
*hides*
Think Different guys, think Mac OS X Leopard. It's the only platform that will guarantee bullet proof security or if you must be a Steve Ballmer disciple at least use Safari 3 for Windows and you won't have to worry about IE or Firefox.
*hides*
Think Different guys, think Mac OS X Leopard. It's the only platform that will guarantee bullet proof security or if you must be a Steve Ballmer disciple at least use Safari 3 for Windows and you won't have to worry about IE or Firefox.
hahahahahaha make me stop... Safari is the worse of all browsers!
*hides*
Think Different guys, think Mac OS X Leopard. It's the only platform that will guarantee bullet proof security or if you must be a Steve Ballmer disciple at least use Safari 3 for Windows and you won't have to worry about IE or Firefox.
Sorry couldn't resist
On topic: Promote Safari all you like, but the fact that I can't force new windows to open in tabs drives me away from taking Safari seriously. That plus this major bug that causes news articles on Neowin to show up in a God-awful red rectangle filling up the top half of the news articles. I give it points for being a speedy browser though.
*hides*
Not until Opera is properly compatible with most sites on the internet.
its nothing but that
its nothing but that
This, folks, is what you say when the truth hurts
its nothing but that
It's from Microsoft's own blog, so it must be true. (blatant sarcasm)
All those wonderful botnets you've been hearing about in the news the past couple of days are made possible by three things:
Microsoft Outlook
Microsoft Internet Exploder
Infected warez
You could also just blame Windows in general I suppose, but without IE and Outlook Windows is fairly secure, unless you're a complete noob.
its nothing but that
It's from Microsoft's own blog, so it must be true. (blatant sarcasm)
All those wonderful botnets you've been hearing about in the news the past couple of days are made possible by three things:
Microsoft Outlook
Microsoft Internet Exploder
Infected warez
You could also just blame Windows in general I suppose, but without IE and Outlook Windows is fairly secure, unless you're a complete noob.
Other than Outlook Express, IE and ActiveX controls, Windows is actually fairly secure. Of course, some of those things you can't quite get rid of unless you want an unpatched system, not to mention a lack of WGA, which is pretty much required by all Windows downloads these days it seems.
Once you get past those things though, it is just a matter of standard security - don't open unknown attachments, scan for viruses and malware regularly, keep your wireless connection encrypted (with WPA/WPA2 if possible), etc.
its nothing but that
Ok, I'll bite.
Microsoft has published their numbers to justify their claims. Where are yours?
its nothing but that
The major issue with the research done is that they count fixes as NEGATIVE (??), and don't mention open security holes.
Secunia rates the current versions of IE and Firefox as Firefox having less open bugs than IE, and the worst open bug also being more critical in IE.
I mean, the interesting part isn't how many are FIXED. That's the good part. Many fixed bugs. Good thing. The bad thing is how much is UNFIXED. Let's hear those statistics instead. Secunia tells that IE is losing there, even the latest version IE 7.
its nothing but that
Ok, I'll bite.
Microsoft has published their numbers to justify their claims. Where are yours?
Check Secunia. At least the current versions of the browsers has Firefox winning out on both one less total bug, more fixed ones, and where the unfixed ones are less severe. Three strikes there and I'd say IE 7 is out. At least versus Firefox 2. I didn't check Firefox 1.5 vs IE 6 because they aren't as interesting in the end of 2007 to me.
Microsoft Outlook
Microsoft Internet Exploder
Infected warez
You could also just blame Windows in general I suppose, but without IE and Outlook Windows is fairly secure, unless you're a complete noob.
Um yes, those programs automatically download warez and viruses all on their own. I'm sorry but is the un-aware, un-knowlegable, cheap-assed consumer that is the reason for downloading infected warez and installing viruses.
Windows is only as secure as it's weakest link aka the user.
Also keep in mind that fixing vulnerabilities is a good thing. Mozilla fixes bugs much faster than MS does, thus making for less exploitable vulnerabilites. I am using IE7 right now.
How about Opera?
its the price for popular software, hackers cares to find holes on them
its now that firefox team will have to show what they made of and make a even greater software without many holes on it
Wow... I got the impression that the blog post was a troll. Actually, it is not an impression. I have come to expect that from Microsoft. It is their Modus Operandi.
Wow... I got the impression that the blog post was a troll. Actually, it is not an impression. I have come to expect that from Microsoft. It is their Modus Operandi.
I think you mean these guys.
Uhhh if Firefox can load a webpage in 1 second on his current computer, why would he waste money on a better computer so IE7 can do the same thing?
But Firefox is the best browser made in the history of the internet.
But Firefox is the best browser made in the history of the internet.
Sorry, that goes to Opera.
Sorry, that goes to Opera.
Agreed since it is actualy standards compliant...
Sorry, that goes to Opera.
Agreed since it is actualy standards compliant...
Opera is not bad ill give you that much. i just dont like it's interface etc., plus Firefox uses extentions which are nice (i dont use many but i do use a few)
so for me ill choose Firefox over Opera or IE7... although Opera i think is pretty good under the hood from what i heard like it's memory usage/speed etc.
firefox does tend to suck up memory but not as bad as people claim as far as i can tell.... i usually leave my browser open for hours and loads lots of websites etc and i dont go to much over 100MB... i dont think i ever seen it even @ 200MB..... sure 100MB is probably a little memory hungry but when you got 1GB (hell, even 512MB would be good on xp) of system ram on windows xp that aint going to hurt performance
firefox might be a good browser, but mozilla not a commercial company? where are you getting that from? They made a hefty profit last year
Actually...it can be after training of staff... education on linux, hireing Linux IT people, support contracts, and all that fun stuff... it can be a lot more expensive... especially if you have to get your custom made software rewrote for it
Focus your comments a little.
Focus your comments a little.
tell that to the OP
Actually...it can be after training of staff... education on linux, hireing Linux IT people, support contracts, and all that fun stuff... it can be a lot more expensive... especially if you have to get your custom made software rewrote for it
Those are short term costs (which work both ways anyway), I'd look a bit more ahead in the future if I was to evaluate the TCO.
The 'numbers' are in the Jeff Jones report. If you dispute them, kindly provide references and an explanation...
The 'numbers' are in the Jeff Jones report. If you dispute them, kindly provide references and an explanation...
guess you didn't read anyone else's post they gave numbers do a Google search you will find hundreds of sources who dispute Mr Jones report.
Last edited by TSThomas on 30 Nov 2007 - 20:48
Coming up next: The Sky: Is It Really Blue?
It accually isnt. Thanks to the reflextion of the sun, it is.
You have just made yourself look real dumb
It accually isnt. Thanks to the reflextion of the sun, it is.
a contradiction, in 1 sentance, well done.
You have just made yourself look real dumb
Please learn spelling and grammar before insulting someone else's intelligence.
It accually isnt. Thanks to the reflextion of the sun, it is.
You have just made yourself look real dumb
Actually you are also completely correct. It's not the reflextion (or rather refleCtion) of the sun light... In the sky, there are only dust particles and gas molecules. Sun light might get reflected when it hits the dust particle, but this doesn't make the sky blue.
The one which "produce" the blue sky is the Rayleigh scattering.
You have just made yourself look real dumb
Please learn spelling and grammar before insulting someone else's intelligence.
It actually isn’t. Thanks to the reflection of the sun, it is.
You have just made yourself look real dumb
Happy? Getting your period or something? Don't get emotional please....
And still MS IE is a crap. Why? I think most of people already know, especially developers making or trying to make nice working Web 2.0 websites.
Safari is the browser that pukes. If you want to complain about making things hard for web developers, talk to Apple (or webkit people).
I agree with Brandon; from a developer standpoint, Safari is the worst browser right now. It is getting somewhat better, but it's still at the end of the browser train.
Damit, it's Fx. Check the mozilla faq, it's Fx, Fx guys, Fx not FX or FF, just Fx.
Also, you can't compare the quantities of types of vulnerabilities (high/med/low) found, since both companies use a different ranking system.
And he should have mentioned response times too. Time To Patch multiplied by the Number Of Users, and then seen which browser is better; If browser A has one vuln for one month, and browser B has two vulns for 1 week, which one is more secure?
Last edited by Cryton on 30 Nov 2007 - 21:11
Also, there's a flipside to MS saying that they've made less fixes. Does that mean that IE has more unpatched issues than its competitors?
Some things people forget is that Netscape Navigator 6 was released almost exactly SEVEN years ago...utilizing Mozilla v0.6 (Gecko) for its underlying engine. Mozilla released 10 versions during the time between Netscape 6.2 and 7.0 releases.
Firefox is considerably more mature than some people give it credit for.
Now..... that is fanboy fodder if I've ever seen it.
The facts are what they are. If you still prefer another browser then that's fine. But it's not Microsoft who looks unbelievably ignorant when you dismiss facts as lies just because you have a product preference.
http://www.neowin.net/news/main/07/11/30/m...efox?cid=598280
You're right ... you are a troll.
besides firefox patch their vulnerabilities very fast compared to the "monthly" patch cycle of ie.
Firefox 2: "Currently, 22% (4 out of 18 ) are marked as Unpatched with the most severe being rated Less critical"
Opera 9: "Currently, 0% (0 out of 10) are marked as Unpatched."
Very interesting.
Firefox 2: "Currently, 22% (4 out of 18 ) are marked as Unpatched with the most severe being rated Less critical"
Opera 9: "Currently, 0% (0 out of 10) are marked as Unpatched."
Very interesting.
exactly
Firefox 2: "Currently, 22% (4 out of 18 ) are marked as Unpatched with the most severe being rated Less critical"
Opera 9: "Currently, 0% (0 out of 10) are marked as Unpatched."
Very interesting.
Yes, but slightly more interesting is that IE7 in Vista can run in Protected Mode, where none of those vulnerabilities are exploitable, Firefox users have no such avenue. Of additional "interest", is that secunia probably does not have every vulnerability for the products in question.
Last edited by J_R_G on 30 Nov 2007 - 22:52
I've never used it, but isn't the Firefox (safemode) icon used just for that purpose? I could be wrong.
Firefox 2: "Currently, 22% (4 out of 18 ) are marked as Unpatched with the most severe being rated Less critical"
Opera 9: "Currently, 0% (0 out of 10) are marked as Unpatched."
Very interesting.
Yes, but slightly more interesting is that IE7 in Vista can run in Protected Mode, where none of those vulnerabilities are exploitable, Firefox users have no such avenue. Of additional "interest", is that secunia probably does not have every vulnerability for the products in question.
Ironically, most of PC users are still using Windows XP. Even there are some of them out there who ditch Vista and 'upgrade' themselves to "a more familiar experience" (a.k.a. XP)
"Note: All vulnerabilities discovered by Secunia Research are reported directly to the vendors in a responsible manner, giving the vendor 2 weeks to reply with a confirmation & details about the expected release date for the security update. Secunia always wait for the security update - as long as the vendor keeps a reasonable time frame for issuing the update & actively co-operate with the Secunia Research team."
I.e. newer, as yet unpatched, vulnerabilities may not be listed in those stats.
i dont see why people are getting upset about it, i doubt anyone is going to stop using firefox because microsoft says theres is better.
the report is probly flawed anyway.
i dont see why people are getting upset about it, i doubt anyone is going to stop using firefox because microsoft says theres is better.
the report is probly flawed anyway.
Translated ...
Hi, I have no idea what I'm talking about, because I haven't read the report ... but I have my biases and will make stupid ass comments just to make IE look bad.
Oh, and I can't spell and don't know how to use a f@cking contraction.
How does this guy normalize the severity of the security flaws? The same high rated flaw in Firefox might be considered a low rated flaw in IE7.
With that in mind, his argument would be stronger if he could specify vulnerabilities present in Firefox and not in IE7 that would compromise the average end-user's PC, not some drone computer running security analytics.
Where's the fancy diagram outlining average release times for security fixes? That'd be a great comparison if Jeff Jones's wasn't eating out of Bill Gates's hand.
How does this guy normalize the severity of the security flaws? The same high rated flaw in Firefox might be considered a low rated flaw in IE7.
"This guy" was nice enough to include the source for this info in the report, if you had read it you would have seen the link to:
The National Vulnerability Database (NVD) , a database superset of the Mitre CVE list (http://cve.mitre.org) which provides additional objective information concerning vulnerabilities was the source utilized for severity ratings and exploit complexity assessment. The NVD is also sponsored by the US Department of Homeland Security and makes their data downloadable in an XML format at http://nvd.nist.gov/download.cfm.
I guess it's easier to make idiotic anti-MS comments then do real research, though.
Vulnerabilities in IE are not related to those in FF, so you can assume that all vulns. in FF are not in IE and vice versa.
Maybe the data is not availible, and it's not even relevant to Vista users where IE7 runs in Protected Mode.
Seriously guys, it just is Fx, not FF. You all should read the mozilla faq. It's plain and simple Fx.
Last edited by schaggo on 03 Dec 2007 - 01:12
I was a Netscape user in the early 90s. Then Netscape sat on their asses and did nothing to improve it, and when they finally did, they made it worse. So came along IE. And it was a better browser than Netscape and eventually killed it. Then MS did nothing to improve IE for quite a long time. How long were we using IE6? So then came along Firefox, and it was better than IE6. So I switched to Firefox. Now I can't live without the Firefox plugins, so much that I don't even care how secure IE7 is compared to Firefox. Plus being a cross platform user between Windows, Macs, and Linux, I get one Firefox browser that's consistent on all platforms. Sorry MS, you'll have to wait till the firefox team sit on their ass and do nothing to improve Firefox, then maybe I'll consider an alternative browser. Don't hold your breath though.
IE 7 -- 19 security issues, 37% of those still unpatched: http://secunia.com/product/12366/
Firefox 2 -- 18 security issues, 22% of those still unpatched: http://secunia.com/product/12434/
The most criticial unpatched flaw is also worse in IE 7 than Firefox, at moderately criticial.
What, but does that mean that they have more open issues in IE than Firefox? I mean, you can take that information as both a problem for IE and not.
It's not interesting how many bugs are FIXED. The interesting part is how many are OPEN.
There doing something right now because i got the download and install popup, checked here and filehippo and there wasnt a mirror or entry in for it yet ^_^
Where exactly did you hear that?
DEP is both a hardware and software thing. If you have a newer cpu that supports the NX feature, you don't need to waste software cycles on a software solution.
DEP has nothing to do with the site and everything about the program that it running. It will only close a program if it accesses it's unassigned memory (i.e it has a bug which was successfully exploited by the site). Since DEP is implemented at the OS level, it applies to all programs (including FireFox ). So the reason that it wont "close" FireFox, is because FireFox was not exploited by the site.
Where exactly did you hear that?
DEP is both a hardware and software thing. If you have a newer cpu that supports the NX feature, you don't need to waste software cycles on a software solution.
DEP has nothing to do with the site and everything about the program that it running. It will only close a program if it accesses it's unassigned memory (i.e it has a bug which was successfully exploited by the site). Since DEP is implemented at the OS level, it applies to all programs (including FireFox ). So the reason that it wont "close" FireFox, is because FireFox was not exploited by the site.
My CPU supports DEP, so turning it on in Windows enables the hardware DEP, where it was previously not being taken advantage of. I realize that you can enable operating system-wide DEP (which I have done), but I can only imagine that DEP built-in to a browser would be more effective than enabling DEP operating system-wide so that you can have it for your web browser.
Where exactly did you hear that?
DEP is both a hardware and software thing. If you have a newer cpu that supports the NX feature, you don't need to waste software cycles on a software solution.
DEP has nothing to do with the site and everything about the program that it running. It will only close a program if it accesses it's unassigned memory (i.e it has a bug which was successfully exploited by the site). Since DEP is implemented at the OS level, it applies to all programs (including FireFox ). So the reason that it wont "close" FireFox, is because FireFox was not exploited by the site.
My CPU supports DEP, so turning it on in Windows enables the hardware DEP, where it was previously not being taken advantage of. I realize that you can enable operating system-wide DEP (which I have done), but I can only imagine that DEP built-in to a browser would be more effective than enabling DEP operating system-wide so that you can have it for your web browser.
Actually it would be way more inefficient, but I see how someone may think that. If you have hardware DEP, and your OS supports it, you don't need to enable any other memory protection...as all it does is add extra overhead.
No it doesn't, I use it and I can't even tell performance wise firefox is sandboxed
Care to back that up with something other than a row of Greater-Than Signs?
If you don't I'm going to assume you're just another IE fanboy.
If you don't I'm going to assume you're just another IE fanboy.
Try reading the article ?
If you don't I'm going to assume you're just another IE fanboy.
Try reading the article ?
Try actually reading the article? (paying attention not only to what it says but also to what it doesn't, and comparing the numbers with other sources).
this can account for more than 2000 vulnerabilities Firefox has lol
Pretty bad when I have to 'pay' for most of those plug-ins
Guess IE just needs some time to catch up to Firefox add ons, but so far it seems like they don't prescreen and just accept anything. My own personal opinions though, I still think IE is making progress, it just needs to work a bit harder at some things.
Last edited by warwagon on 01 Dec 2007 - 02:24
a) know about
and
b) know how to protect you from
and
c) have implemented such protection into an update for Spyware Blaster
While the lists of vulnerabilities in Spyware Blaster may be representative of the state of known Spyware/Malware issues vis-a-via IE and Firefox, it is just one aspect of the total browser security scene.
PS. I use Spyware Blaster myself. I use it to reinforce the similar functionality that Spybot S&D provides. Good program.
a) know about
Given the ludicrous number of things it does protect you against, then its MIND BOGGLING to think about the ones they don't know about
a) know about
Given the ludicrous number of things it does protect you against, then its MIND BOGGLING to think about the ones they don't know about
No, it's rather simple, actualy. They can't possibly make definitions for every new malware threat faster than new threats actualize. It's just not humanly possible. In that respect., it's the same as with anti-virus definitions: There's always a lag-time between when new threats appear and when definitions to protect against those threats are available.
That just proves Mozilla is faster and more responsive when it comes to acknowledging and fixing problems than Microsoft is. There's an entire community of coders who actively work at resolving known Firefox issues in concert with Mozilla. Can't really say the same for IE.
Operative word is "lower"
As in, "lower than before", not "lower than the competition."
Silly Microsoft, tricks are for kids. If you're going to claim that your product has fewer reported vulnerabilities (both fixed and unfixed) than the competition, it helps if your company doesn't have a pattern of ignoring and discounting reports of said vulnerabilities.
It also helps if you don't insist on comparing apples to oranges: Internet Explorer 1.0 was initially released in August of 1995. Mozilla Firefox 1.0 was initially released in November of 2004. That means that the Internet Explorer developers have had nine years more than their Firefox counterparts have had to work on their respective codebases. It also means that the Firefox developers had nine years to study and learn from what Internet Explorer did right and from what Internet Explorer did wrong.
I like mixing apples and oranges together as much as the next guy, but I limit such activity to the making of fruit salad, not statistics salad.
Last edited by Croquant on 01 Dec 2007 - 02:53
Would that by chance be served with . . . 1,000 Islands dressing?
Would that by chance be served with . . . 1,000 Islands dressing?
It comes with your choice of Microsoft Millennium Archipelago* dressing or Mozilla Dancing Lizzard dressing.
*By choosing the Microsoft Millennium Archipelago dressing you agree to activate your salad before you eat it, and agree to let a team of bouncers from the Microsoft Genuine Advanytage team will take you in the back and give you a free colon inspection to confirm that you are not a salad dressing pirate.
Would that by chance be served with . . . 1,000 Islands dressing?
It comes with your choice of Microsoft Millennium Archipelago* dressing or Mozilla Dancing Lizzard dressing.
*By choosing the Microsoft Millennium Archipelago dressing you agree to activate your salad before you eat it, and agree to let a team of bouncers from the Microsoft Genuine Advanytage team will take you in the back and give you a free colon inspection to confirm that you are not a salad dressing pirate.
Nice!
IE7 and Firefox are excellent browsers and have their faults respectively. With proper security measures in place on one's system, there is very little to fear.
Education is the most effective way of patching security issues. If you know what to avoid or not to do, the browser written by the chimp next door can be safe.
People have their preferences in browsers like they do in beverages. Free choice is a wonderful thing...
So, if we look at this another way, Mozilla fixed more vulnerabilities than Microsoft. Wow. It just says how many were fixed, not how many existed.
Edit: just read Croquant's post and he's got the same idea I was thinking at the beginning of his post.
Some of the vulnerabilities in FireFox and/or Opera are actually vulnerabilities due to Windows components, and it's not listed under Internet Explorer's fixes.
the way i see it is... even if that statement is true, as long as those vulnerabilities are fixed in a prompt time frame BEFORE there exploited then thats the bottom line
even though im a Firefox fan myself... i think anyone could have predicted (and did on this forum) that once Firefox got more popular, more flaws would be found in the browser.
even though i use Firefox full time myself... i gotta admit IE7 (or IE in general for that matter) is probably more tuned software since it's been out for ages and had LOTS of testing and tweaking over it's many many years..... everyone just likes to poke fun at it since it's the most used browser and it's a MS product. lol
I'm guessing that number would be anywhere around 40-50%. FYI even pirated users can download & install IE7.
In order to avoid the 'Windows Genuine Advantage' menace most pirated PC's have Automatic Updates disabled. So, while Firefox users are automatically updated to the latest version, most IE users are not.
http://shaver.off.net/diary/2007/11/30/cou...prisingly-hard/
Maybe it's just me but Shaver makes a lot more sense than the Microsoft report..
how so? By telling the entire world about every security exploit in it's browser? Yea, that's smart thinking.
I admit I'm feeling alright with IE7 too, but Firefox is just a better browser.
Not to mention that without Firefox IE would've still suck.
That just made me so happy reading that in Mozilla's response.
Not sure what Safari is like on Windows, but I use Safari 3 with a couple of useful plugins on OS X Leopard and it's great.
I enjoy Camino as well - it's a lively project . . . a lean, clean, fast browser with some very nifty features.
Active development makes it almost certain to have more flaws than an application that never changes bar patching discovered holes.
Last edited by yakumo on 02 Dec 2007 - 15:53
And posting "I like FF anyways" crap is so lame, I mean the argument is about security, changing the subject to avoid admitting defeat is typical of this crowd, as everyone has seen for years now. If you don't have anything to add about security of the browsers, you're just trolling, have fun but I and other educated people are ignoring you.
To summarize the report because the FF fanboys refuse to read it (or read it properly and thoroughly):
IE has less fixed vulnerabilities than FF, for similar products timelines (IE7 vs FF2, etc.).
IE has less unfixed vulnerabiltiies (the type Shaver pretended weren't in the report or else he just did not read it, that undermine his whole argument) than FF.
Not in the report that's relevant to the argument:
IE7 in Vista runs in sandboxed protected mode by default, so none of it's vulnerabilities could be exploited even if you were unpatched (isn't that something? - if you don't want this type of security and choose not to upgrade, that's YOUR problem, it's a choice and many people are taking advantage of it.)
Conclusion:
IE is more secure than FF. This has nothing to do with whether your favorite plug-in is available for IE or not, this is to counter the general perception that FF fanboys artificially generate by spamming truly clever little comments over and over to forums, like that IE is "swiss cheese", etc. If you like FF better than IE, fine, knock your self out, but know that your flat out wrong security arguments against IE have become less effective because of researched, documented studies. FF will just have to compete on merrits rather than slashdot/digg style one-liners about IE security. Terrible, I know.
Last edited by J_R_G on 02 Dec 2007 - 16:40
Hahaha. I'm sorry I don't have a Ph.D in the Internets, will you please not ignore me, sir?
Why would anyone bother to read it? Who cares what some MS employee says.
Well hey, I guess I will go and spend $240 on Vista and $1000 on a PC that can run Vista smoothly just so I can feel secure.
I like FF anyways. "Admitting defeat"? Lmao, wow, we're talking about browseres here. Someone takes this a little seriously.
That's new to me.
I love how you ramble about "fanboys" when you spent an obvious amount of time on your reply against the people who just like Firefox. I love how just liking and/or using a product makes you a fanboy, it's ridiculous.
PHAIL.
Imagine Microsoft finding their product to be superior to their rivals, in their own study no less! Why, there's no bias there at all! Cigarette companies constantly put out reports about how smoking was safe for your health (and in the past, even beneficial!
This just in: My in-depth study of the Internet has determined, in my latest report, that A Clockwork Lime is the greatest human being to ever have been born to this Earth in every conceivable way, shape, and form! It's a report, so that makes it official. No denying that one.
http://freewebsoftwarereviews.blogspot.com/
So what do we have here? A statement that IE7 has less vulnerabilities than Firefox, that actually doesn't mean anything but tries to lead the reader to a quick and false conclusion (being "IE7 is more secure than Firefox"
First, I think one word has been forgotten here: reported vulnerabilities. What about all the hidden ones that have yet to be found? Please compare apples with apples and don't forget that Firefox is an open source project while IE7 is a proprietary, closed source one. Of course it is much more easy to find and report vulnerabilities in an open source project, where the public has full access to the source code and to a bug tracking system! Actually, the Mozilla foundation encourages you to do so, while Microsoft tries to hide the bugs and vulnerabilities as long as possible. If you want to compare closed source to closed source, then compare IE7 to Opera.
Secondly, it isn't specified if the reported vulnerabilities are "critical" or just minor. This is purely subjective. What's really important regarding security is: how much time does it take to fix a vulnerability once it has been reported, and how many vulnerabilities have actually been exploited, and for how long?
And I didn't even mention the fact that IE7 has tons of rendering and javascript bugs waiting to be fixed or that its standards support is just pathetic. Because these are not vulnerabilities, Microsoft isn't moving a finger to fix them.
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.