FireFox Users May Want to Read This?

Just ran across this and knowing that quite a few here use Firefox, thought it of interest to them, if they are not already aware of this already.

The report in the UK-based IT trade publication states: "There have now been more flaws in the Firefox browser this year than in Microsoft's Internet Explorer." It does not give a source for this statistic but it may be relying on data from a security advisory service such as Secunia. The 2005 Secunia vulnerability report for Firefox 1.x states that there have been seventeen security flaws in Firefox this year, while the 2005 Secunia vulnerability report for Internet Explorer 6.x includes only nine advisories. There are more unpatched IE vulnerabilites though, and it should be noted that not all security flaws are equally severe.

This is not the first time that more security vulnerabilities have been reported in Mozilla products than in Internet Explorer. In March, Symantec published its Internet Security Threat Report Volume VII (you have to supply your personal details to Symantec to download it), covering the second half of 2004. The report said: "The discovery of vulnerabilities affecting browsers appears to be on the rise, with more Mozilla vulnerabilities documented in this period than those affecting Microsoft Internet Explorer... Between July 1 and Dec. 31, 2004, Symantec documented 13 vulnerabilities affecting Microsoft Internet Explorer. This is notably lower than the 21 vulnerabilities affecting each of the Mozilla browsers that were documented during the same period. Six vulnerabilities were reported in Opera and none in Safari." (This excerpt is included on page 3 of April's Langa Letter: The Pros And Cons Of Firefox.)

More Security Flaws in Firefox Than IE This Year


Any thoughts that may be helpful to other FireFox users unaware of this would be greatly appreciated.




seekerof

[edit on 2-8-2005 by Seekerof]

Not surprised really, it's a very new browser with a huge bug squashing squad, I'm kind of glad they are finding these bugs as fast as they are, but then again it's allot easier to do that when you or anyone on the net can peruse the source code at their leisure.

When Critical bugs are found they are patched within 24-48 hours. From memory, M$ Patches whenever they feel like it, usually a week or two after the bug is common knowledge, but that is over a year or more stale info on my part.

The main reason I stick with Firefox, Tabbed Browsing and Flashblocker. No popups/downs or annoying animated ADs for me anymore! And in reality the major security threats on the net stem from Flash or Java(running arbitrary code on your machine, as dangerous as downloading(and running) an unknown .exe file)

The extension system will be it's advantage over Microsoft for some time to come.

[edit on 2-8-2005 by sardion2000]

[edit on 2-8-2005 by sardion2000]

I would suggest that Firefox users who are worried about the vulnerabilities that have been reported. They should check out Deer Park which is the next version of FireFox. It is still in alpha build but I have been using it for a few weeks with no problems.
Deer Park