Posted: 05th Dec, 2007 By: MarkJ
It's hardly surprising that a study commissioned by Microsoft has revealed that its own Internet Explorer (IE) website browser is more secure than free open-source rival Firefox (Mozilla).
The security strategy director of Microsoft's Trustworthy Computing Group, Jeff Jones, claims that Mozilla has fixed more flaws in its browser than Microsoft during equivalent periods. That is apparently seen as evidence that Firefox is more vulnerable than IE:
"Since the release of Firefox 1.0 in November 2004, Mozilla has fixed 199 vulnerabilities in supported Firefox products 75 high severity; 100 medium severity; and 24 low severity. In the same timeframe, Microsoft has fixed 87 total vulnerabilities affecting all supported versions of Internet Explorer 54 high severity, 28 medium severity; and five low severity," said Jones.
He also compared IE7 to Firefox 2.0 over a 12 month period, during which he said Mozilla fixed 56 flaws while Microsoft fixed only 17 in IE7.
However, Jonathan Oxer, technical director and founder of web application development company, Internet Vision Technology, and president of Linux Australia, claims the study is flawed because Microsoft tends to bundle its fixes, which lead to a lower count over the period being compared.
One might also say that Firefox's developers are better positioned to spot problems because the source code is public, either way it's hardly an apples to apples comparison.
Having said that, Jones does concede that both browsers have faced security problems and I personally am less of a Firefox 2 fan than I was of 1.5. Hopefully Firefox 3 brings a faster and less memory intensive browser to the table. More @
ZDNet.