(image courtesy of one of my homes away from home, AppScout!)
According to Symantec, Firefox is living up to its name as the more secure browser, as it suffered 26% fewer flaws and critical bugs than its rival for market share, Internet Explorer, in 2006.
According to Symantec’s tally, 40 Firefox vulnerabilities were disclosed between August and December 2006; Internet Explorer (IE), meanwhile, was hit with 54 bugs. Opera and Safari — the browser Apple Inc. bundles with Mac OS X — had four flaws each.
For all of 2006, however, the numbers were nearly neck and neck: Firefox was nailed by 87 flaws during the 12 months, IE by 92.
The trend line also put Firefox in the better light. The open-source browser had 15 percent fewer vulnerabilities in the second half of the year compared to the first, while IE’s total increased 42 percent during the period.
“Internet Explorer was particularly affected by concerted efforts to ‘fuzz’ the browser for new vulnerabilities,” said the Symantec report, which cited July’s ‘Month of Browser Bugs’ project as a big contributor. “The majority reported affected Internet Explorer or Windows components accessible through the browser,” Symantec said.
To add insult to injury to IE, Mozilla developers patched Firefox five times faster than did Microsoft’s. On average, Firefox had an attack exposure window — the amount of time between the disclosure of a bug and when it was patched — of just two days based on a sample set of 26 flaws. By comparison, Microsoft took an average of 10 days to patch the sample 15 vulnerabilities. Both vendors’ attack windows were a day longer in the second half of the year than in the first six months.
That about says that. Firefox evangelists, rejoice!