According to Microsoft’s Trustworthy Computing Group and its Security Strategy Director, Jeff Jones, Internet Explorer is more secure than Mozilla’s Firefox. Although he claims to have compared the vulnerabilities found in the two browsers and admits that both companies’ browsers have their “significant flaws,” critics claim that his study is flawed to say the least.
“Since the release of Firefox 1.0 in November 2004, Mozilla has fixed 199 vulnerabilities in supported Firefox products; 75 high severity; 100 medium severity; and 24 low severity. In the same time frame, Microsoft has fixed 87 total vulnerabilities affecting all supported versions of Internet Explorer; 54 high severity, 28 medium severity; and five low severity.”
He also said:
“While the data trends show that both Internet Explorer and Firefox security quality is improved in the latest version, it also demonstrates that, contrary to popular belief, Internet Explorer has experienced fewer vulnerabilities than Firefox.”
Others, however, severely differ with Jones’ findings. Jonathan Oxer, Technical Director of Web Internet Vision Technology and president of Linux Australia, feels the study is flawed because:
“Microsoft tends to bundle its fixes, which leads to a lower count over the period of time being compared. For example, when fixing a vulnerability, there might be several issues being resolved in one go. So it decreases the bug count. A more valid way to score software in terms of security is to give each exploit a value depending on the number of days from discovery of a bug to the release of a fix, multiplied by a severity factor.”
Is Internet Explorer really more secure than Firefox? Only time will tell.
Read [CNET News]