Firefox Is The Most Vulnerable Browser Claims Security Firm

A report published by security vulnerability specialists Secunia purports that open source browser Firefox is far more vulnerable than any other mainstream browser on the market.

Secunia compared Opera, Safari, Internet Explorer and Firefox in the research paper and found out that Firefox had the most number of vulnerabilities in 2008, in fact more than all the other three web browser combined together.

Firefox had 115 vulnerabilities, 30 for Opera, 31 for Internet Explorer and 32 for Safari. Mozilla refuted Secunia claims saying that security claims cannot be based only on mere metrics.

Jonathan Nightingale at Mozilla responded to this report saying that "Mozilla discloses and releases bulletins for all security issues fixed in Firefox, regardless of how they were discovered. Unlike other vendors that only disclose issues reported by external independent parties, but not by internal developers, QA or security contractors".

Internet Explorer remains firmly in the picture though as the browser's plug-in technology, ActiveX, is by far the one with the most vulnerabilities. It recorded more than 366 vulnerabilities, compared with 54 for Java, 30 for Quicktime, 19 for Flash, 1 for Firefox and none for Opera.

Secunia also found out that Internet Explorer had the longest lag period when it came to patching a vulnerability taking anything between 78 days to 294 days while mending Firefox's holes took between 15 and 86 days.

You can follow ITProPortal.com on Twitter @ http://www.twitter.com/itproportal

Our Comments

Even metrics can be deceptive when wrongly interpreted. Secunia cannot be blamed for coming out with factual data as it is up to the audience to rightly interpret the information. Indeed, some users were more concerned about the fact that Microsoft took so long to patch some of the holes. The secunia report also showed that the number of zero-day attacks in the past 3 years fluctuated between 8 and 10.

Related Links

Report: Firefox is the world's most vulnerable browser

http://blogs.computerworld.com/report_firefox_is_the_worlds_most_vulnerable_browser

Beware the Security Metric

http://blog.mozilla.com/security/2009/03/06/beware-the-security-metric/

Secunia report: Microsoft most vulnerable software

http://www.dslreports.com/forum/r22241571-Secunia-report-Microsoft-most-vulnerable-software

Secunia: Firefox most vulnerable browser

http://www.bit-tech.net/news/bits/2009/04/16/secunia-firefox-most-vulnerable-browser/1

Firefox is most vulnerable web browser: report news

http://www.domain-b.com/infotech/itnews/20090416_firefox.html