Microsoft today published a report that evaluates the security performance of Internet Explorer and Mozilla Firefox through a detailed comparative look at vulnerabilities. The “Web Browser Vulnerability Analysis” report finds that over a period of three years, Internet Explorer proved to have fewer vulnerabilities than Mozilla Firefox. The report research, conducted by Jeff Jones, Security Strategy Director in Microsoft’s Trustworthy Computing group, examines in detail the volume and severity of vulnerabilities in the two browsers and includes these key findings:
• Microsoft has fixed 87 total vulnerabilities (across all supported versions of Internet Explorer) while Mozilla has fixed 199 vulnerabilities in supported Firefox products
• Internet Explorer experienced a lower volume of reported vulnerabilities across all categories of severity (high, medium, low)
Microsoft quitely announced the findings via the IE Blog.
View: Jeff Jones Report
View: Microsoft IE Blog
• Microsoft has fixed 87 total vulnerabilities (across all supported versions of Internet Explorer) while Mozilla has fixed 199 vulnerabilities in supported Firefox products
• Internet Explorer experienced a lower volume of reported vulnerabilities across all categories of severity (high, medium, low)
Microsoft quitely announced the findings via the IE Blog.

*hides*
*hides*
Think Different guys, think Mac OS X Leopard. It's the only platform that will guarantee bullet proof security or if you must be a Steve Ballmer disciple at least use Safari 3 for Windows and you won't have to worry about IE or Firefox.
*hides*
Think Different guys, think Mac OS X Leopard. It's the only platform that will guarantee bullet proof security or if you must be a Steve Ballmer disciple at least use Safari 3 for Windows and you won't have to worry about IE or Firefox.
hahahahahaha make me stop... Safari is the worse of all browsers!
*hides*
Think Different guys, think Mac OS X Leopard. It's the only platform that will guarantee bullet proof security or if you must be a Steve Ballmer disciple at least use Safari 3 for Windows and you won't have to worry about IE or Firefox.
Sorry couldn't resist
On topic: Promote Safari all you like, but the fact that I can't force new windows to open in tabs drives me away from taking Safari seriously. That plus this major bug that causes news articles on Neowin to show up in a God-awful red rectangle filling up the top half of the news articles. I give it points for being a speedy browser though.
*hides*
Not until Opera is properly compatible with most sites on the internet.
its nothing but that
its nothing but that
This, folks, is what you say when the truth hurts
its nothing but that
It's from Microsoft's own blog, so it must be true. (blatant sarcasm)
All those wonderful botnets you've been hearing about in the news the past couple of days are made possible by three things:
Microsoft Outlook
Microsoft Internet Exploder
Infected warez
You could also just blame Windows in general I suppose, but without IE and Outlook Windows is fairly secure, unless you're a complete noob.
its nothing but that
It's from Microsoft's own blog, so it must be true. (blatant sarcasm)
All those wonderful botnets you've been hearing about in the news the past couple of days are made possible by three things:
Microsoft Outlook
Microsoft Internet Exploder
Infected warez
You could also just blame Windows in general I suppose, but without IE and Outlook Windows is fairly secure, unless you're a complete noob.
Other than Outlook Express, IE and ActiveX controls, Windows is actually fairly secure. Of course, some of those things you can't quite get rid of unless you want an unpatched system, not to mention a lack of WGA, which is pretty much required by all Windows downloads these days it seems.
Once you get past those things though, it is just a matter of standard security - don't open unknown attachments, scan for viruses and malware regularly, keep your wireless connection encrypted (with WPA/WPA2 if possible), etc.
its nothing but that
Ok, I'll bite.
Microsoft has published their numbers to justify their claims. Where are yours?
its nothing but that
The major issue with the research done is that they count fixes as NEGATIVE (??), and don't mention open security holes.
Secunia rates the current versions of IE and Firefox as Firefox having less open bugs than IE, and the worst open bug also being more critical in IE.
I mean, the interesting part isn't how many are FIXED. That's the good part. Many fixed bugs. Good thing. The bad thing is how much is UNFIXED. Let's hear those statistics instead. Secunia tells that IE is losing there, even the latest version IE 7.
its nothing but that
Ok, I'll bite.
Microsoft has published their numbers to justify their claims. Where are yours?
Check Secunia. At least the current versions of the browsers has Firefox winning out on both one less total bug, more fixed ones, and where the unfixed ones are less severe. Three strikes there and I'd say IE 7 is out. At least versus Firefox 2. I didn't check Firefox 1.5 vs IE 6 because they aren't as interesting in the end of 2007 to me.
Microsoft Outlook
Microsoft Internet Exploder
Infected warez
You could also just blame Windows in general I suppose, but without IE and Outlook Windows is fairly secure, unless you're a complete noob.
Um yes, those programs automatically download warez and viruses all on their own. I'm sorry but is the un-aware, un-knowlegable, cheap-assed consumer that is the reason for downloading infected warez and installing viruses.
Windows is only as secure as it's weakest link aka the user.
Also keep in mind that fixing vulnerabilities is a good thing. Mozilla fixes bugs much faster than MS does, thus making for less exploitable vulnerabilites. I am using IE7 right now.
How about Opera?
its the price for popular software, hackers cares to find holes on them
its now that firefox team will have to show what they made of and make a even greater software without many holes on it
Wow... I got the impression that the blog post was a troll. Actually, it is not an impression. I have come to expect that from Microsoft. It is their Modus Operandi.
Wow... I got the impression that the blog post was a troll. Actually, it is not an impression. I have come to expect that from Microsoft. It is their Modus Operandi.
I think you mean these guys.
Uhhh if Firefox can load a webpage in 1 second on his current computer, why would he waste money on a better computer so IE7 can do the same thing?
But Firefox is the best browser made in the history of the internet.
But Firefox is the best browser made in the history of the internet.
Sorry, that goes to Opera.
Sorry, that goes to Opera.
Agreed since it is actualy standards compliant...
Sorry, that goes to Opera.
Agreed since it is actualy standards compliant...
Opera is not bad ill give you that much. i just dont like it's interface etc., plus Firefox uses extentions which are nice (i dont use many but i do use a few)
so for me ill choose Firefox over Opera or IE7... although Opera i think is pretty good under the hood from what i heard like it's memory usage/speed etc.
firefox does tend to suck up memory but not as bad as people claim as far as i can tell.... i usually leave my browser open for hours and loads lots of websites etc and i dont go to much over 100MB... i dont think i ever seen it even @ 200MB..... sure 100MB is probably a little memory hungry but when you got 1GB (hell, even 512MB would be good on xp) of system ram on windows xp that aint going to hurt performance
firefox might be a good browser, but mozilla not a commercial company? where are you getting that from? They made a hefty profit last year
Actually...it can be after training of staff... education on linux, hireing Linux IT people, support contracts, and all that fun stuff... it can be a lot more expensive... especially if you have to get your custom made software rewrote for it
Focus your comments a little.
Focus your comments a little.
tell that to the OP
Actually...it can be after training of staff... education on linux, hireing Linux IT people, support contracts, and all that fun stuff... it can be a lot more expensive... especially if you have to get your custom made software rewrote for it
Those are short term costs (which work both ways anyway), I'd look a bit more ahead in the future if I was to evaluate the TCO.
The 'numbers' are in the Jeff Jones report. If you dispute them, kindly provide references and an explanation...
The 'numbers' are in the Jeff Jones report. If you dispute them, kindly provide references and an explanation...
guess you didn't read anyone else's post they gave numbers do a Google search you will find hundreds of sources who dispute Mr Jones report.
Last edited by TSThomas on 30 Nov 2007 - 20:48
Coming up next: The Sky: Is It Really Blue?
It accually isnt. Thanks to the reflextion of the sun, it is.
You have just made yourself look real dumb
It accually isnt. Thanks to the reflextion of the sun, it is.
a contradiction, in 1 sentance, well done.
You have just made yourself look real dumb
Please learn spelling and grammar before insulting someone else's intelligence.
It accually isnt. Thanks to the reflextion of the sun, it is.
You have just made yourself look real dumb
Actually you are also completely correct. It's not the reflextion (or rather refleCtion) of the sun light... In the sky, there are only dust particles and gas molecules. Sun light might get reflected when it hits the dust particle, but this doesn't make the sky blue.
The one which "produce" the blue sky is the Rayleigh scattering.
You have just made yourself look real dumb
Please learn spelling and grammar before insulting someone else's intelligence.
It actually isn’t. Thanks to the reflection of the sun, it is.
You have just made yourself look real dumb
Happy? Getting your period or something? Don't get emotional please....
And still MS IE is a crap. Why? I think most of people already know, especially developers making or trying to make nice working Web 2.0 websites.
Safari is the browser that pukes. If you want to complain about making things hard for web developers, talk to Apple (or webkit people).
I agree with Brandon; from a developer standpoint, Safari is the worst browser right now. It is getting somewhat better, but it's still at the end of the browser train.
Damit, it's Fx. Check the mozilla faq, it's Fx, Fx guys, Fx not FX or FF, just Fx.
Also, you can't compare the quantities of types of vulnerabilities (high/med/low) found, since both companies use a different ranking system.
And he should have mentioned response times too. Time To Patch multiplied by the Number Of Users, and then seen which browser is better; If browser A has one vuln for one month, and browser B has two vulns for 1 week, which one is more secure?
Last edited by Cryton on 30 Nov 2007 - 21:11
Also, there's a flipside to MS saying that they've made less fixes. Does that mean that IE has more unpatched issues than its competitors?
Some things people forget is that Netscape Navigator 6 was released almost exactly SEVEN years ago...utilizing Mozilla v0.6 (Gecko) for its underlying engine. Mozilla released 10 versions during the time between Netscape 6.2 and 7.0 releases.
Firefox is considerably more mature than some people give it credit for.
Now..... that is fanboy fodder if I've ever seen it.
The facts are what they are. If you still prefer another browser then that's fine. But it's not Microsoft who looks unbelievably ignorant when you dismiss facts as lies just because you have a product preference.
http://www.neowin.net/news/main/07/11/30/m...efox?cid=598280
You're right ... you are a troll.
besides firefox patch their vulnerabilities very fast compared to the "monthly" patch cycle of ie.
Firefox 2: "Currently, 22% (4 out of 18 ) are marked as Unpatched with the most severe being rated Less critical"
Opera 9: "Currently, 0% (0 out of 10) are marked as Unpatched."
Very interesting.
Firefox 2: "Currently, 22% (4 out of 18 ) are marked as Unpatched with the most severe being rated Less critical"
Opera 9: "Currently, 0% (0 out of 10) are marked as Unpatched."
Very interesting.
exactly
Firefox 2: "Currently, 22% (4 out of 18 ) are marked as Unpatched with the most severe being rated Less critical"
Opera 9: "Currently, 0% (0 out of 10) are marked as Unpatched."
Very interesting.
Yes, but slightly more interesting is that IE7 in Vista can run in Protected Mode, where none of those vulnerabilities are exploitable, Firefox users have no such avenue. Of additional "interest", is that secunia probably does not have every vulnerability for the products in question.
Last edited by J_R_G on 30 Nov 2007 - 22:52
I've never used it, but isn't the Firefox (safemode) icon used just for that purpose? I could be wrong.
Firefox 2: "Currently, 22% (4 out of 18 ) are marked as Unpatched with the most severe being rated Less critical"
Opera 9: "Currently, 0% (0 out of 10) are marked as Unpatched."
Very interesting.
Yes, but slightly more interesting is that IE7 in Vista can run in Protected Mode, where none of those vulnerabilities are exploitable, Firefox users have no such avenue. Of additional "interest", is that secunia probably does not have every vulnerability for the products in question.
Ironically, most of PC users are still using Windows XP. Even there are some of them out