Skip to navigation

PCPro-Computing in the Real World Printed from www.pcpro.co.uk

Register to receive our regular email newsletter at http://www.pcpro.co.uk/registration.

The newsletter contains links to our latest PC news, product reviews, features and how-to guides, plus special offers and competitions.

Latest News

Mozilla rages against Microsoft security report

Posted on 4 Dec 2007 at 12:14

A Mozilla executive has blasted claims made by a Microsoft security researcher that Internet Explorer is more secure than Firefox.

Jeff Jones, security strategy director of Microsoft's Trustworthy Computing Group, claims that Mozilla has been forced to fix more flaws in its browser over the last three years than Microsoft, indicating that the open-source browser is more vulnerable than Internet Explorer.

"Since the release of Firefox 1.0 in November 2004, Mozilla has fixed 199 vulnerabilities in supported Firefox products - 75 high severity; 100 medium severity; and 24 low severity. In the same timeframe, Microsoft has fixed 87 total vulnerabilities affecting all supported versions of Internet Explorer - 54 high severity, 28 medium severity; and five low severity," says Jones.

"While the data trends show that both Internet Explorer and Firefox security quality is improved in the latest version, it also demonstrates that, contrary to popular belief, Internet Explorer has experienced fewer vulnerabilities than Firefox," claims Jones.

However, responding on his blog, Mike Shaver, Mozilla's Director of Ecosystem Development, decries the findings, saying "Microsoft should be embarrassed to be associated with this sort of ridiculous analysis."

Shaver alleges that the discrepancy comes about due to Microsoft's policy of bundling its fixes together, and reporting the subsequent patch as being for a single vulnerability. In contrast, he says, Mozilla reports every fix distinctly.

"Even if the scales were the same, and we were living in a parallel universe in which Microsoft even approached Mozilla's standards of transparency and disclosure, the logic is just baffling: Jeff is saying that Mozilla's products are less secure than Microsoft's because Mozilla fixed more bugs. By that measure, IE4 is even more secure, because there were no security bugs fixed in that time frame; bravo to Microsoft for that!"

Author: Stuart Turton

Be the first to comment this article

You need to Login or Register to comment.

(optional)

advertisement

Most Commented News Stories
Latest Blog Posts Subscribe to our RSS Feeds
Latest Reviews Subscribe to our RSS Feeds
Latest Real World Computing

advertisement

Sponsored Links
 
SEARCH
SIGN UP

Your email:

Your password:

remember me

advertisement


Hitwise Top 10 Website 2008