Firefox Accounts for 44% of Vulnerabilities Compared to IE’s 15%

http://prosecure.netgear.com/community/security-blog/2009/11/web-browser-vulnerability-report—firefox-leads-the-pack-at-44.php

A recent report by Web application security vendor Cenzic pointed out that in the first half of 2009 Firefox totaled for 44% of all vulnerabilities amongst popular Web browsers. Also somewhat surprising is Safari coming in at 35% due to iPhone Safari vulnerabilities (that’s another story in itself). IE came in third at 15% and Opera at 6% (BTW, where was Chrome?). 

Firefox (by the way, I’ve been a Firefox user since its debut) is an open source browser which has marketed itself as a “safer” alternative to Microsoft’s Internet Explorer. Early on that was true, however when Firefox started to gain popularity, hackers began shifting focus to it and Firefox became “less safe”.

Two factors contribute to the amount of vulnerabilities we are seeing in the browser today. Number one, the browser is relatively young, so there are naturally more holes in it. This will get better as the browser further matures. Second of all, Firefox is open-source and has a flexible add-on architecture where basically anyone who can code (and even some who can’t) can make an add-on for Firefox. While this architecture and open source in general bring flexibility, functionality, and scalability to the browser, many of these add-ons are not “hardened” and could introduce security loopholes into Firefox. Also, due to the open-source nature of Firefox,hackers can study the browser source code inside out and find holes that way…

Questions or Comments?