Microsoft: Less Vulnerabilites in IE7 compared to Firefox

Microsoft today published a report that evaluates the security performance of Internet Explorer and Mozilla Firefox through a detailed comparative look at vulnerabilities. The "Web Browser Vulnerability Analysis" report finds that over a period of three years, Internet Explorer proved to have fewer vulnerabilities than Mozilla Firefox. The report research, conducted by Jeff Jones, Security Strategy Director in Microsoft's Trustworthy Computing group, examines in detail the volume and severity of vulnerabilities in the two browsers and includes these key findings:

· Microsoft has fixed 87 total vulnerabilities (across all supported versions of Internet Explorer) while Mozilla has fixed 199 vulnerabilities in supported Firefox products

· Internet Explorer experienced a lower volume of reported vulnerabilities across all categories of severity (high, medium, low)

Microsoft quitely announced the findings via the IE Blog.

View: Jeff Jones Report
View: Microsoft IE Blog

Report a problem with article
Previous Story

Xbox 360 Fall Dashboard Update Details Released

Next Story

Fired for a bad game review?

140 Comments

Commenting is disabled on this article.

Firefox is more secure than Internet Explorer. Security is better measured by the time when vulnerabilities are kept unpatched. Check this out.

This kind of "news", being clearly a part of the Microsoft disinformation strategy, makes me wonder if Neowin authors are paid by Microsoft.

So what do we have here? A statement that IE7 has less vulnerabilities than Firefox, that actually doesn't mean anything but tries to lead the reader to a quick and false conclusion (being "IE7 is more secure than Firefox"), which is a typical disinformation technique. Please don't get fooled.

First, I think one word has been forgotten here: reported vulnerabilities. What about all the hidden ones that have yet to be found? Please compare apples with apples and don't forget that Firefox is an open source project while IE7 is a proprietary, closed source one. Of course it is much more easy to find and report vulnerabilities in an open source project, where the public has full access to the source code and to a bug tracking system! Actually, the Mozilla foundation encourages you to do so, while Microsoft tries to hide the bugs and vulnerabilities as long as possible. If you want to compare closed source to closed source, then compare IE7 to Opera.

Secondly, it isn't specified if the reported vulnerabilities are "critical" or just minor. This is purely subjective. What's really important regarding security is: how much time does it take to fix a vulnerability once it has been reported, and how many vulnerabilities have actually been exploited, and for how long?

And I didn't even mention the fact that IE7 has tons of rendering and javascript bugs waiting to be fixed or that its standards support is just pathetic. Because these are not vulnerabilities, Microsoft isn't moving a finger to fix them.

Hahaha, oh, I do love these types of reports.

Imagine Microsoft finding their product to be superior to their rivals, in their own study no less! Why, there's no bias there at all! Cigarette companies constantly put out reports about how smoking was safe for your health (and in the past, even beneficial!). How could anyone possibly doubt these types of studies? It's mind boggling, absurd, ridiculous to do so!

This just in: My in-depth study of the Internet has determined, in my latest report, that A Clockwork Lime is the greatest human being to ever have been born to this Earth in every conceivable way, shape, and form! It's a report, so that makes it official. No denying that one.

Shaver delievers a devastating rebuttal. Oh, wait, actually he didn't even read the report. The report compares unfixed vulnerabilities in IE7 and FF as well as fixed, Shaver's argument is that FF actually has fewer bugs but fixes more, you can see this is false if you look at the unfixed vulnerabilties section of Jeff's report. But facts have never bothered the anti-MS types, so why should they start now. Shaver also has the nerve to sugguest MS should be embarassed, but his post is so obviously embarassingly wrong it's hard to overstate it.

And posting "I like FF anyways" crap is so lame, I mean the argument is about security, changing the subject to avoid admitting defeat is typical of this crowd, as everyone has seen for years now. If you don't have anything to add about security of the browsers, you're just trolling, have fun but I and other educated people are ignoring you.

To summarize the report because the FF fanboys refuse to read it (or read it properly and thoroughly):

IE has less fixed vulnerabilities than FF, for similar products timelines (IE7 vs FF2, etc.).
IE has less unfixed vulnerabiltiies (the type Shaver pretended weren't in the report or else he just did not read it, that undermine his whole argument) than FF.

Not in the report that's relevant to the argument:
IE7 in Vista runs in sandboxed protected mode by default, so none of it's vulnerabilities could be exploited even if you were unpatched (isn't that something? - if you don't want this type of security and choose not to upgrade, that's YOUR problem, it's a choice and many people are taking advantage of it.)

Conclusion:
IE is more secure than FF. This has nothing to do with whether your favorite plug-in is available for IE or not, this is to counter the general perception that FF fanboys artificially generate by spamming truly clever little comments over and over to forums, like that IE is "swiss cheese", etc. If you like FF better than IE, fine, knock your self out, but know that your flat out wrong security arguments against IE have become less effective because of researched, documented studies. FF will just have to compete on merrits rather than slashdot/digg style one-liners about IE security. Terrible, I know.

J_R_G said,
have fun but I and other educated people are ignoring you.

Hahaha. I'm sorry I don't have a Ph.D in the Internets, will you please not ignore me, sir?

To summarize the report because the FF fanboys refuse to read it (or read it properly and thoroughly):

Why would anyone bother to read it? Who cares what some MS employee says.

IE7 in Vista

Well hey, I guess I will go and spend $240 on Vista and $1000 on a PC that can run Vista smoothly just so I can feel secure.

aha, good comments AfroTrance!

J_R_G said,
And posting "I like FF anyways" crap is so lame, I mean the argument is about security, changing the subject to avoid admitting defeat is typical of this crowd, as everyone has seen for years now.

I like FF anyways. "Admitting defeat"? Lmao, wow, we're talking about browseres here. Someone takes this a little seriously.

J_R_G said,
... clever little comments over and over to forums, like that IE is "swiss cheese", etc.

That's new to me.

I love how you ramble about "fanboys" when you spent an obvious amount of time on your reply against the people who just like Firefox. I love how just liking and/or using a product makes you a fanboy, it's ridiculous.

I'd rather have a browser under active heavy development, that is constantly striving to keep on top of the real web standard specifications, rather than ones they're just making up, than an effectively development dead system.

Active development makes it almost certain to have more flaws than an application that never changes bar patching discovered holes.

Funny enough i use Opera mostly but i am often forced into IE because still a lot of sites depend on ActiveX insecurities and noncompliant scripting to work. I can't even log into my bankaccount without letting an IE ActiveX control take over command. That scares me.

When firefox was out, people said it wasn't more secure per se, but because it was used by fewer people therefor not being as "attractive" to hack like internet explorer. Now that there are a lot more FF users than IE7 users... there's the same thing

"Jeff is saying that Mozilla’s products are less secure than Microsoft’s because Mozilla fixed more bugs. By that measure, IE4 is even more secure, because there were no security bugs fixed in that time frame; bravo to Microsoft for that!"

That just made me so happy reading that in Mozilla's response. Thanks macel for posting it.

I still like Opera more because it's able to handle tab sessions better than Firefox or Windows Internet Explorer.

People need to know that many of the "IE security holes" are actually ActiveX holes. IE took the blame because it's the platform used to launch those buggy plug-ins.

I dunno. I'm using Firefox without fearing for security (as long as I don't let it store my passwords).
I admit I'm feeling alright with IE7 too, but Firefox is just a better browser.
Not to mention that without Firefox IE would've still suck.

Another way of looking at this would be to find out the number of people who are running pirated copies of Windows XP.

I'm guessing that number would be anywhere around 40-50%. FYI even pirated users can download & install IE7.

In order to avoid the 'Windows Genuine Advantage' menace most pirated PC's have Automatic Updates disabled. So, while Firefox users are automatically updated to the latest version, most IE users are not.

"Microsoft has fixed 87 total vulnerabilities (across all supported versions of Internet Explorer) while Mozilla has fixed 199 vulnerabilities in supported Firefox products"

the way i see it is... even if that statement is true, as long as those vulnerabilities are fixed in a prompt time frame BEFORE there exploited then thats the bottom line ;)

even though im a Firefox fan myself... i think anyone could have predicted (and did on this forum) that once Firefox got more popular, more flaws would be found in the browser.

even though i use Firefox full time myself... i gotta admit IE7 (or IE in general for that matter) is probably more tuned software since it's been out for ages and had LOTS of testing and tweaking over it's many many years..... everyone just likes to poke fun at it since it's the most used browser and it's a MS product. lol

Hmmm.....

Some of the vulnerabilities in FireFox and/or Opera are actually vulnerabilities due to Windows components, and it's not listed under Internet Explorer's fixes.

I'd rather use IE6 than IE7 even if it was not as safe... IE7 is way too slow. It makes me lose my will to be on the computer in the first place.

Does it matter? I like Firefox, I'm not gonna switch even if it has more "vulnerabilities".

Microsoft has fixed 87 total vulnerabilities (across all supported versions of Internet Explorer) while Mozilla has fixed 199 vulnerabilities in supported Firefox products

So, if we look at this another way, Mozilla fixed more vulnerabilities than Microsoft. Wow. It just says how many were fixed, not how many existed.
Edit: just read Croquant's post and he's got the same idea I was thinking at the beginning of his post.

I use the browser that best suits my needs at that specific time.

IE7 and Firefox are excellent browsers and have their faults respectively. With proper security measures in place on one's system, there is very little to fear.

Education is the most effective way of patching security issues. If you know what to avoid or not to do, the browser written by the chimp next door can be safe.

People have their preferences in browsers like they do in beverages. Free choice is a wonderful thing...

I realize that IE7 made Internet Explorer much safer, but to get a comparison about the two web browsers, download and install spywareblaster. Then download the updates and apply them and look about what it protects you against or stops from being installed under the IE section and then the Firefox section. :)

That's a limited comparison, though. Spyware Blaster only protects you from various spyware & associated malware products. It's not a blanket security protection program. What's more, it only protects your from those malware products that it's developers:

a) know about
and
b) know how to protect you from
and
c) have implemented such protection into an update for Spyware Blaster

While the lists of vulnerabilities in Spyware Blaster may be representative of the state of known Spyware/Malware issues vis-a-via IE and Firefox, it is just one aspect of the total browser security scene.

PS. I use Spyware Blaster myself. I use it to reinforce the similar functionality that Spybot S&D provides. Good program.

hat's a limited comparison, though. Spyware Blaster only protects you from various spyware & associated malware products. It's not a blanket security protection program. What's more, it only protects your from those malware products that it's developers:

a) know about

Given the ludicrous number of things it does protect you against, then its MIND BOGGLING to think about the ones they don't know about

warwagon said,

Given the ludicrous number of things it does protect you against, then its MIND BOGGLING to think about the ones they don't know about


No, it's rather simple, actualy. They can't possibly make definitions for every new malware threat faster than new threats actualize. It's just not humanly possible. In that respect., it's the same as with anti-virus definitions: There's always a lag-time between when new threats appear and when definitions to protect against those threats are available.

Do you really think IE 7 would even had been developed if it hadn't been firefox? I mean, they said they had no plans to come out with a new version of IE until all of a sudden Firefox started to gain ground. They knew they had to do something and all of a sudden IE7 development started to poppup. Firefox has helped jump start the entire browser wars. Which ever one is better, i think its up to the user. But at least we have a choice now days.

I like the fact that I can actually 'customize' my browser to my liking. (Add-ons, Plug-ins, etc.) IE7 does not give me the option.

What I don't understand is why they have a browser section that actually lists other browsers. Not to mention from testing some of the add ons, they are lacking the same quality you find from Firefox and other browser add ons. Their best ones are good, but after that all the others I tried were near impossible to customize or work with. They quickly got uninstalled.

Guess IE just needs some time to catch up to Firefox add ons, but so far it seems like they don't prescreen and just accept anything. My own personal opinions though, I still think IE is making progress, it just needs to work a bit harder at some things.

Primetime2006 said,
Truth hurts - deal with it. IE7 >>>>>>>>>>>>>>>>>>>> Firefox.

Care to back that up with something other than a row of Greater-Than Signs?
If you don't I'm going to assume you're just another IE fanboy.

Croquant said,
Care to back that up with something other than a row of Greater-Than Signs?
If you don't I'm going to assume you're just another IE fanboy.

Try reading the article ?

Inertia said,

Try reading the article ?

Try actually reading the article? (paying attention not only to what it says but also to what it doesn't, and comparing the numbers with other sources).

One thing is though, IE 7 has DEP built in to it and you can turn it on. Firefox doesn't. I think that if you were to test firefox vs IE 7 w/ DEP turned on, you would find IE 7 more secure. I currently am using IE 7 and love it. There have been a couple of times where I have gone to a site that I didn't completely trust on accident and the built-in ie DEP closed it.

One thing is though, IE 7 has DEP built in to it and you can turn it on. Firefox doesn't. I think that if you were to test firefox vs IE 7 w/ DEP turned on, you would find IE 7 more secure. I currently am using IE 7 and love it. There have been a couple of times where I have gone to a site that I didn't completely trust on accident and the built-in ie DEP closed it.

Where exactly did you hear that?
DEP is both a hardware and software thing. If you have a newer cpu that supports the NX feature, you don't need to waste software cycles on a software solution.
DEP has nothing to do with the site and everything about the program that it running. It will only close a program if it accesses it's unassigned memory (i.e it has a bug which was successfully exploited by the site). Since DEP is implemented at the OS level, it applies to all programs (including FireFox ). So the reason that it wont "close" FireFox, is because FireFox was not exploited by the site.

zivan56 said,

Where exactly did you hear that?
DEP is both a hardware and software thing. If you have a newer cpu that supports the NX feature, you don't need to waste software cycles on a software solution.
DEP has nothing to do with the site and everything about the program that it running. It will only close a program if it accesses it's unassigned memory (i.e it has a bug which was successfully exploited by the site). Since DEP is implemented at the OS level, it applies to all programs (including FireFox ). So the reason that it wont "close" FireFox, is because FireFox was not exploited by the site.

My CPU supports DEP, so turning it on in Windows enables the hardware DEP, where it was previously not being taken advantage of. I realize that you can enable operating system-wide DEP (which I have done), but I can only imagine that DEP built-in to a browser would be more effective than enabling DEP operating system-wide so that you can have it for your web browser.

Citrusleak said,

My CPU supports DEP, so turning it on in Windows enables the hardware DEP, where it was previously not being taken advantage of. I realize that you can enable operating system-wide DEP (which I have done), but I can only imagine that DEP built-in to a browser would be more effective than enabling DEP operating system-wide so that you can have it for your web browser.

Actually it would be way more inefficient, but I see how someone may think that. If you have hardware DEP, and your OS supports it, you don't need to enable any other memory protection...as all it does is add extra overhead.

In any case, IE7 does have its sandbox under Vista whereas Firefox does not (unless you use something like Sandboxie, but that has quite a heavy overhead).

unless you use something like Sandboxie, but that has quite a heavy overhead

No it doesn't, I use it and I can't even tell performance wise firefox is sandboxed

I still llike Firefox, and I use sandboxie to sandbox my web browser when I browse the net, so the security vulnerabilities really aren't a concern to me

In other news... Firefox 2.0.0.11 released @ www.getfirefox.com with its misc fixes, take that IE!

There doing something right now because i got the download and install popup, checked here and filehippo and there wasnt a mirror or entry in for it yet ^_^

Uhh, Secunia disagrees...

IE 7 -- 19 security issues, 37% of those still unpatched: http://secunia.com/product/12366/
Firefox 2 -- 18 security issues, 22% of those still unpatched: http://secunia.com/product/12434/

The most criticial unpatched flaw is also worse in IE 7 than Firefox, at moderately criticial.

Microsoft has fixed 87 total vulnerabilities (across all supported versions of Internet Explorer) while Mozilla has fixed 199 vulnerabilities in supported Firefox products

What, but does that mean that they have more open issues in IE than Firefox? I mean, you can take that information as both a problem for IE and not. :S

It's not interesting how many bugs are FIXED. The interesting part is how many are OPEN.

Firefox is open source, so anybody can audit the code. IE7 is not...and judging from it's codebase (based on NCSA Mosaic), it is way older/innefficient/bug prone.

I certainly don't care about security at this point.

I was a Netscape user in the early 90s. Then Netscape sat on their asses and did nothing to improve it, and when they finally did, they made it worse. So came along IE. And it was a better browser than Netscape and eventually killed it. Then MS did nothing to improve IE for quite a long time. How long were we using IE6? So then came along Firefox, and it was better than IE6. So I switched to Firefox. Now I can't live without the Firefox plugins, so much that I don't even care how secure IE7 is compared to Firefox. Plus being a cross platform user between Windows, Macs, and Linux, I get one Firefox browser that's consistent on all platforms. Sorry MS, you'll have to wait till the firefox team sit on their ass and do nothing to improve Firefox, then maybe I'll consider an alternative browser. Don't hold your breath though.

A few things:

How does this guy normalize the severity of the security flaws? The same high rated flaw in Firefox might be considered a low rated flaw in IE7.

With that in mind, his argument would be stronger if he could specify vulnerabilities present in Firefox and not in IE7 that would compromise the average end-user's PC, not some drone computer running security analytics.

Where's the fancy diagram outlining average release times for security fixes? That'd be a great comparison if Jeff Jones's wasn't eating out of Bill Gates's hand.

kars85 said,
A few things:

How does this guy normalize the severity of the security flaws? The same high rated flaw in Firefox might be considered a low rated flaw in IE7.


"This guy" was nice enough to include the source for this info in the report, if you had read it you would have seen the link to:

The National Vulnerability Database (NVD) , a database superset of the Mitre CVE list (http://cve.mitre.org) which provides additional objective information concerning vulnerabilities was the source utilized for severity ratings and exploit complexity assessment. The NVD is also sponsored by the US Department of Homeland Security and makes their data downloadable in an XML format at http://nvd.nist.gov/download.cfm.

I guess it's easier to make idiotic anti-MS comments then do real research, though.

With that in mind, his argument would be stronger if he could specify vulnerabilities present in Firefox and not in IE7 that would compromise the average end-user's PC, not some drone computer running security analytics.

Vulnerabilities in IE are not related to those in FF, so you can assume that all vulns. in FF are not in IE and vice versa.

Where's the fancy diagram outlining average release times for security fixes? That'd be a great comparison if Jeff Jones's wasn't eating out of Bill Gates's hand.

Maybe the data is not availible, and it's not even relevant to Vista users where IE7 runs in Protected Mode.

J_R_G said,
(...) Vulnerabilities in IE are not related to those in FF, so you can assume that all vulns. in FF are not in IE and vice versa (...)

Seriously guys, it just is Fx, not FF. You all should read the mozilla faq. It's plain and simple Fx.

ok...good for microsoft making IE7 not suck as much, but im still staying with firefox.

i dont see why people are getting upset about it, i doubt anyone is going to stop using firefox because microsoft says theres is better.
the report is probly flawed anyway.

Berserk87 said,
ok...good for microsoft making IE7 not suck as much, but im still staying with firefox.

i dont see why people are getting upset about it, i doubt anyone is going to stop using firefox because microsoft says theres is better.
the report is probly flawed anyway.

Translated ...

Hi, I have no idea what I'm talking about, because I haven't read the report ... but I have my biases and will make stupid ass comments just to make IE look bad.

Oh, and I can't spell and don't know how to use a f@cking contraction.

IE may be safer (assuming that this report is correct)... but even if it is safer it still render sites properly, something that a web designer needs

IE7: "Currently, 37% (7 out of 19) are marked as Unpatched with the most severe being rated Moderately critical"

Firefox 2: "Currently, 22% (4 out of 18 ) are marked as Unpatched with the most severe being rated Less critical"

Opera 9: "Currently, 0% (0 out of 10) are marked as Unpatched."

Very interesting.

hixtures said,
IE7: "Currently, 37% (7 out of 19) are marked as Unpatched with the most severe being rated Moderately critical"

Firefox 2: "Currently, 22% (4 out of 18 ) are marked as Unpatched with the most severe being rated Less critical"

Opera 9: "Currently, 0% (0 out of 10) are marked as Unpatched."

Very interesting.

exactly this is why i must bull****

hixtures said,
IE7: "Currently, 37% (7 out of 19) are marked as Unpatched with the most severe being rated Moderately critical"

Firefox 2: "Currently, 22% (4 out of 18 ) are marked as Unpatched with the most severe being rated Less critical"

Opera 9: "Currently, 0% (0 out of 10) are marked as Unpatched."

Very interesting.

Yes, but slightly more interesting is that IE7 in Vista can run in Protected Mode, where none of those vulnerabilities are exploitable, Firefox users have no such avenue. Of additional "interest", is that secunia probably does not have every vulnerability for the products in question.

(J_R_G said @ #27.2)
Yes, but slightly more interesting is that IE7 in Vista can run in Protected Mode, where none of those vulnerabilities are exploitable, Firefox users have no such avenue.

I've never used it, but isn't the Firefox (safemode) icon used just for that purpose? I could be wrong.

J_R_G said,

Yes, but slightly more interesting is that IE7 in Vista can run in Protected Mode, where none of those vulnerabilities are exploitable, Firefox users have no such avenue. Of additional "interest", is that secunia probably does not have every vulnerability for the products in question.

Ironically, most of PC users are still using Windows XP. Even there are some of them out there who ditch Vista and 'upgrade' themselves to "a more familiar experience" (a.k.a. XP)

Actually Secunia isn't entirely reliable for these purposes... as they themselves state;

"Note: All vulnerabilities discovered by Secunia Research are reported directly to the vendors in a responsible manner, giving the vendor 2 weeks to reply with a confirmation & details about the expected release date for the security update. Secunia always wait for the security update - as long as the vendor keeps a reasonable time frame for issuing the update & actively co-operate with the Secunia Research team."

I.e. newer, as yet unpatched, vulnerabilities may not be listed in those stats.

great ie 7 its really more secure since its very limited, i mean cant even change the button layout, limited = more secure.

besides firefox patch their vulnerabilities very fast compared to the "monthly" patch cycle of ie.

OMG! A company tested its own product against competitors, the report must be biased lies OMG I am so S-M-R-T.

The facts are what they are. If you still prefer another browser then that's fine. But it's not Microsoft who looks unbelievably ignorant when you dismiss facts as lies just because you have a product preference.

I believe that the title should read, "Microsoft: Fewer...", rather than "Microsoft: Less...". Nobody is perfect but this just hurts my eyes!

Microsoft does it's own testing... Microsoft quietly "leaks" out the info they find in a blog... Microsoft claims it's own software is more secure then the competitors... :nuts:


Now..... that is fanboy fodder if I've ever seen it.

Something people forget, is that MS have had SEVEN attempts at IE, so that's a lot more of a refined codebase (in theory) than the less-mature firefox.

Also, there's a flipside to MS saying that they've made less fixes. Does that mean that IE has more unpatched issues than its competitors?

ckempo said,
Something people forget, is that MS have had SEVEN attempts at IE, so that's a lot more of a refined codebase (in theory) than the less-mature firefox.

Some things people forget is that Netscape Navigator 6 was released almost exactly SEVEN years ago...utilizing Mozilla v0.6 (Gecko) for its underlying engine. Mozilla released 10 versions during the time between Netscape 6.2 and 7.0 releases.

Firefox is considerably more mature than some people give it credit for.

I challenge MS to release the source code of IE - then give it a year and compare number of vulnerabilities found ;)

Also, you can't compare the quantities of types of vulnerabilities (high/med/low) found, since both companies use a different ranking system.

And he should have mentioned response times too. Time To Patch multiplied by the Number Of Users, and then seen which browser is better; If browser A has one vuln for one month, and browser B has two vulns for 1 week, which one is more secure?

DeMo_BR said,
Of course Opera isn't listed... it is faster, better, and more secure than IE and FF together.

Damit, it's Fx. Check the mozilla faq, it's Fx, Fx guys, Fx not FX or FF, just Fx.

I don't care much about vulnerabilities because of one small reason, I didn't have any problems because of them.

And still MS IE is a crap. Why? I think most of people already know, especially developers making or trying to make nice working Web 2.0 websites.

I have built and maintain several websites in my free time. I have no problems with IE 7 and very few with FireFox 2.0 (or even 1.5 usually). IE 6 sometimes renders things a little off, but functional.

Safari is the browser that pukes. If you want to complain about making things hard for web developers, talk to Apple (or webkit people).

Does IE7 have issues? Yes, but so does every browser on the market. The key is knowing the issues and planning accordingly.

I agree with Brandon; from a developer standpoint, Safari is the worst browser right now. It is getting somewhat better, but it's still at the end of the browser train.

4tehlulz said,
Coming up next: The Sky: Is It Really Blue?

It accually isnt. Thanks to the reflextion of the sun, it is.

You have just made yourself look real dumb

and1direct said,

It accually isnt. Thanks to the reflextion of the sun, it is.

a contradiction, in 1 sentance, well done.

and1direct said,
It accually isnt. Thanks to the reflextion of the sun, it is.

You have just made yourself look real dumb

Please learn spelling and grammar before insulting someone else's intelligence.

and1direct said,

It accually isnt. Thanks to the reflextion of the sun, it is.

You have just made yourself look real dumb

Actually you are also completely correct. It's not the reflextion (or rather refleCtion) of the sun light... In the sky, there are only dust particles and gas molecules. Sun light might get reflected when it hits the dust particle, but this doesn't make the sky blue.

The one which "produce" the blue sky is the Rayleigh scattering.

ANova said,

Please learn spelling and grammar before insulting someone else's intelligence.


It actually isn’t. Thanks to the reflection of the sun, it is.

You have just made yourself look real dumb


Happy? Getting your period or something? Don't get emotional please....

I've always believed what matters most is how quickly vulnerabilities are patched; because no browser will be void of vulnerabilities. Nevertheless, well done to Microsoft

nezermundy said,
Yeah and Linux is more expensive than Windows Server....

Actually...it can be after training of staff... education on linux, hireing Linux IT people, support contracts, and all that fun stuff... it can be a lot more expensive... especially if you have to get your custom made software rewrote for it

neufuse said,

Actually...it can be after training of staff... education on linux, hireing Linux IT people, support contracts, and all that fun stuff... it can be a lot more expensive... especially if you have to get your custom made software rewrote for it

Those are short term costs (which work both ways anyway), I'd look a bit more ahead in the future if I was to evaluate the TCO.

ill take the security risk. I like the way firefox will load a page up in like a second where ie7 will take like 5 seconds or more.

Inertia said,
I think you need a faster Computer if IE7 takes 5 seconds or more to load pages. Hunt the bottleneck.


Uhhh if Firefox can load a webpage in 1 second on his current computer, why would he waste money on a better computer so IE7 can do the same thing?

"here come the trolls, watchout people, trolls coming!"


Wow... I got the impression that the blog post was a troll. Actually, it is not an impression. I have come to expect that from Microsoft. It is their Modus Operandi.

davewalden said,
"here come the trolls, watchout people, trolls coming!"


Wow... I got the impression that the blog post was a troll. Actually, it is not an impression. I have come to expect that from Microsoft. It is their Modus Operandi.

I think you mean these guys.

Well, Firefox is a newer product from a less mature company. I don't think you can say Firefox is actually more of a security risk. Even if it's purely it's lower market share, there are fewer attacks aimed at it.

i use for a long time firefox but have to admit that firefox is getting way more security breaks lately than IE

its the price for popular software, hackers cares to find holes on them

its now that firefox team will have to show what they made of and make a even greater software without many holes on it

Personnally I don't think one is safer then other. Security wise both are just good. Maybe IE7 is a little more secure on vista but thats it.

Last sentence. "Microsoft quitely". I believe you mean "Microsoft quietly". It amazes me how many people misspell that one.

Also keep in mind that fixing vulnerabilities is a good thing. Mozilla fixes bugs much faster than MS does, thus making for less exploitable vulnerabilites. I am using IE7 right now.

X'tyfe said,
I CALL HUGE bull****

its nothing but that

It's from Microsoft's own blog, so it must be true. (blatant sarcasm)

All those wonderful botnets you've been hearing about in the news the past couple of days are made possible by three things:

Microsoft Outlook
Microsoft Internet Exploder
Infected warez

You could also just blame Windows in general I suppose, but without IE and Outlook Windows is fairly secure, unless you're a complete noob.

toadeater said,

It's from Microsoft's own blog, so it must be true. (blatant sarcasm)

All those wonderful botnets you've been hearing about in the news the past couple of days are made possible by three things:

Microsoft Outlook
Microsoft Internet Exploder
Infected warez

You could also just blame Windows in general I suppose, but without IE and Outlook Windows is fairly secure, unless you're a complete noob.


Other than Outlook Express, IE and ActiveX controls, Windows is actually fairly secure. Of course, some of those things you can't quite get rid of unless you want an unpatched system, not to mention a lack of WGA, which is pretty much required by all Windows downloads these days it seems.

Once you get past those things though, it is just a matter of standard security - don't open unknown attachments, scan for viruses and malware regularly, keep your wireless connection encrypted (with WPA/WPA2 if possible), etc.

X'tyfe said,
I CALL HUGE bull****

its nothing but that

Ok, I'll bite.

Microsoft has published their numbers to justify their claims. Where are yours?

X'tyfe said,
I CALL HUGE bull****

its nothing but that


The major issue with the research done is that they count fixes as NEGATIVE (??), and don't mention open security holes.

Secunia rates the current versions of IE and Firefox as Firefox having less open bugs than IE, and the worst open bug also being more critical in IE.

I mean, the interesting part isn't how many are FIXED. That's the good part. Many fixed bugs. Good thing. The bad thing is how much is UNFIXED. Let's hear those statistics instead. Secunia tells that IE is losing there, even the latest version IE 7.

_dandy_ said,

Ok, I'll bite.

Microsoft has published their numbers to justify their claims. Where are yours?


Check Secunia. At least the current versions of the browsers has Firefox winning out on both one less total bug, more fixed ones, and where the unfixed ones are less severe. Three strikes there and I'd say IE 7 is out. At least versus Firefox 2. I didn't check Firefox 1.5 vs IE 6 because they aren't as interesting in the end of 2007 to me.

toadeater said,
All those wonderful botnets you've been hearing about in the news the past couple of days are made possible by three things:

Microsoft Outlook
Microsoft Internet Exploder
Infected warez

You could also just blame Windows in general I suppose, but without IE and Outlook Windows is fairly secure, unless you're a complete noob.

Um yes, those programs automatically download warez and viruses all on their own. I'm sorry but is the un-aware, un-knowlegable, cheap-assed consumer that is the reason for downloading infected warez and installing viruses.

Windows is only as secure as it's weakest link aka the user.

I agree with your Opera placement, but IMO, IE and Firefox are neck and neck. IE7 is one of the best improvements, from one version to the next, in the history of software of any type.

Slimy said,
Opera > IE7 > Firefox
*hides*

Think Different guys, think Mac OS X Leopard. It's the only platform that will guarantee bullet proof security or if you must be a Steve Ballmer disciple at least use Safari 3 for Windows and you won't have to worry about IE or Firefox.

internetworld7 said,

Think Different guys, think Mac OS X Leopard. It's the only platform that will guarantee bullet proof security or if you must be a Steve Ballmer disciple at least use Safari 3 for Windows and you won't have to worry about IE or Firefox. :cool:

hahahahahaha make me stop... Safari is the worse of all browsers! (at least on Windows)

internetworld7 said,

Think Different guys, think Mac OS X Leopard. It's the only platform that will guarantee bullet proof security or if you must be a Steve Ballmer disciple at least use Safari 3 for Windows and you won't have to worry about IE or Firefox. :cool:

Sorry couldn't resist :redface:

On topic: Promote Safari all you like, but the fact that I can't force new windows to open in tabs drives me away from taking Safari seriously. That plus this major bug that causes news articles on Neowin to show up in a God-awful red rectangle filling up the top half of the news articles. I give it points for being a speedy browser though.