16 September 2007
It’s been about six months since I last posted about browser security. I reported then that Internet Explorer 7 had overcome many of the security vulnerabilities that plagued IE6 for so many years. I even said that IE7 should be considered as secure as Firefox until more data became available. So, what does the data say now?
IE7 is still vastly better than IE6. For those who prefer Internet Explorer, but haven’t yet upgraded to the newest version, wait no longer.
Despite IE7’s advances over it’s predecessor, however, some differences between IE7 and Firefox are beginning obvious. IE7 seems consistently to have more unpatched vulnerabilities than does Firefox. As of today, Secunia, a security consultancy, is reporting that IE7 has 10 unpatched vulnerabilities, almost twice as many as Firefox.
Moreover, IE7’s worst flaw is rated “Highly critical”, while Firefox’s worst is rated “Less critical”. Unfortunately for Internet Explorer, its trouble with more and more severe vulnerabilities is more habit than fluke. Every time I have checked Secunia’s vulnerability reports on the two browsers over the last six months, the general trend has not changed. At this point, it is clear that Firefox typically has fewer security flaws, and the flaws it has are not as serious as those of Internet Explorer.
Read more about browsers