Tuesday, December 4th 2007

Microsoft Says Internet Explorer More Secure Than Firefox

Jeff Jones, Security Strategy Director at Microsoft's Trustworthy Computing Group, following his recent report putting Windows Vista ahead of Linux and Mac OS X for security, has now placed Internet Explorer ahead of the open source Firefox browser in a long-term comparative study. According to his analysis, fewer security vulnerabilities needed fixing in Internet Explorer than in the competition. Jones explains in his report Browser Vulnerability Analysis (PDF), that Mozilla has fixed 199 security vulnerabilities since November 2004, when Firefox first appeared, of which 75 were critical, 100 medium and 24 of low importance. Over the same period, a total of 87 security vulnerabilities were fixed in Internet Explorer, of which 54 were critical, 28 medium and 5 of low importance. He also notes that security updates are currently only being released for version 2.0 of Firefox, while Microsoft provides full support for earlier versions of Internet Explorer.Source: heise Security
Add your own comment

40 Comments on Microsoft Says Internet Explorer More Secure Than Firefox

#1
OrbitzXT
President Bush says Iraq has weapons of mass destruction. Whats your point? :p
Posted on Reply
#2
wazzledoozle
Microsoft can hardly make the claim that their software has less flaws when it's closed source. They just wait for someone to find and exploit a flaw before acknowledging and fixing it.
Posted on Reply
#3
Mussels
Moderprator
i've never had to pull spyware and viruses out of firefox, whereas IE its common practice... IE is linked with the OS, so i guess MS can just throw the blame around for half of the problems (to their OTHER dodgy products, lol)
Posted on Reply
#4
AthlonX2
HyperVtX™
by: OrbitzXT
President Bush says Iraq has weapons of mass destruction. Whats your point? :p
and president bush is from texas so whats your point?:laugh:
Posted on Reply
#5
jocksteeluk
what M$ means is it is more secure for the developer to pump your computer full of tracking cookies, DRM, pop ups, animated noise adverts and etc.
Posted on Reply
#6
sam0t
Amen to that.

I have had zero spyware crap on my computer after switching to Firefox years ago. M$ is pulling these numbers out of their hats just to look good, or so it seems.
Posted on Reply
#7
Darknova
*sigh* we all know Opera is better than both of them.

Not only that but IE7 IS more secure than FF, if you actually did any research for yourself you'd know that the numbers they apparently "pulled out of nowhere" are in fact true. IE7 is more secure and more compatible with standard tech on the internet. What FF has over IE7 is the multitude of extra plugins which make it more secure, more compatible etc.

You want a secure browser, get Opera.
Posted on Reply
#8
jocksteeluk
If you do research on anything you will find anything you want be it but for the majority of FF converts like myself will point out how much less garbage their browsers gather and accumulate when compared to using IE, as for Opera it is a good browser with a very good ad blocking programme built in but the functionality i find to be alien and the user interface is less than appealing.
Posted on Reply
#9
AthlonX2
HyperVtX™
for some reason i knew this would become a fanboi war:D
Posted on Reply
#10
jocksteeluk
by: AthlonX2
for some reason i knew this would become a fanboi war:D
and its all your fault!
Posted on Reply
#11
Mussels
Moderprator
IE7 may be more secure, but its how it ties into the OS that makes it less secure - that is IE's fault, and no one elses (toolbars that install, automatically running apps in activeX/java sometimes)

Truly, IE7 is a LOT better than IE6 was - doesnt make it perfect just yet.
Posted on Reply
#12
TheGuruStud
by: Darknova
*sigh* we all know Opera is better than both of them.

Not only that but IE7 IS more secure than FF, if you actually did any research for yourself you'd know that the numbers they apparently "pulled out of nowhere" are in fact true. IE7 is more secure and more compatible with standard tech on the internet. What FF has over IE7 is the multitude of extra plugins which make it more secure, more compatible etc.

You want a secure browser, get Opera.
Obviously, there's still overwhelming evidence that IE7 is not more secure (even if it was independent from the OS). Like jocksteeluk said, ask any convert about it (and just b/c it's tied to the OS is not an excuse for lack of security, it's called stupidity). And again, you're wrong, IE7 still doesn't have the level of compatibility to web standards as FF (yes, maybe better than IE6, but still not better than FF, do you see the trend here?). The problem is that retards have been coding for only IE for so long, that FF fails to display those sites correctly, B/C IT IS NOT IN WEB STANDARD FORM. If it was, I'd see all powerpoint/java sites and apps working correctly. You can even tell from the layout/look/feel that the site (that doesn't correctly display in FF) was designed by an idiot.

http://www.webdevout.net/browser-support-summary The individual scores are not weighted, but you get the idea. It's all over the web. No sense in hiding from the truth that IE7 sucks a big one. Hell, when it came out people were calling to boycott it b/c it was worse than IE6 in some ways and definitely nowhere near FF (or Opera obviously, which was your only qualifying remark).

You are partially right about FF's extensions. They sure do make it even more secure. Hell, with adblock plus, filterset g, no script, and w/e other blocking/supporting ext. you like, there's no way in hell IE can EVER touch that level of security. There's almost no point for me to even run a scan for spyware/malware/etc b/c I NEVER get any haha. Try that with IE. Get back to me when you have to reinstall windows. :laugh:

I try not to be rude, but if you're going to spread FUD, do it on a site with only noobs that will believe your BS.
Posted on Reply
#13
mrw1986
Not for nothing, but this report is from the same guy who said Vista is more secure than Linux / OSX...also he states less vulneralbilities were fixed in IE7 than FF. Just means they haven't found em all in IE7.
Posted on Reply
#14
mdm-adph
by: Darknova
...IE7 is more secure and more compatible with standard tech on the internet....
"More compatible with standard tech on the internet?" Kinda hard not to be when what Microsoft decides to do becomes the standard, eh? ;)
Posted on Reply
#15
gamer210
One thing you have to consider is that IE still has a much greater market share than FF. If more people are using it, more exploits will be written for it.
Posted on Reply
#16
AsphyxiA
by: mdm-adph
"More compatible with standard tech on the internet?" Kinda hard not to be when what Microsoft decides to do becomes the standard, eh? ;)
agreed
Posted on Reply
#17
Ravenas
They are both equally unsecured in my experience. However, I do tend to like the 64-bit IE more than Firefox, simply because of Firefox's memory footprint.
Posted on Reply
#19
DanTheBanjoman
Señor Moderator
Please keep the MS flaming (or any other flaming) to yourself, if you disagree be constructive. Otherwise I'll have to start erasing a lot of posts.
Posted on Reply
#20
Kreij
Senior Monkey Moderator
I find it amusing that people can get so passionately inflamed over a web browser.

I use IE7 exclusively. No problems at all.
I tried FF but didn't really find it any more useful than IE (which I was used to).
Posted on Reply
#21
hacker111
REALLY? I have Mozilla Firefox...OH NO...:(
Posted on Reply
#22
Shyska
by: gamer210
One thing you have to consider is that IE still has a much greater market share than FF. If more people are using it, more exploits will be written for it.
Exploits are not written they are used :nutkick:

P.S. having greater market share doesn't give one the right to ignore standarts :rolleyes: it is sometimes a real nightmare to adjust code for IE...
Posted on Reply
#23
F-22
by: wazzledoozle
They just wait for someone to find and exploit a flaw before acknowledging and fixing it.
Duh... What the hell else are they supposed to do? If nobody finds the flaws, nobody will fix it. Same goes for every browser, OS, and every other piece of software on the face of the earth.
Posted on Reply
#24
peach1971
For a total 284 days in 2006 (or more than nine months out of the year), exploit code for known, unpatched critical flaws in pre-IE7 versions of the browser was publicly available on the Internet…

In contrast, Internet Explorer’s closest competitor in terms of market share — Mozilla’s Firefox browser — experienced a single period lasting just nine days last year in which exploit code for a serious security hole was posted online before Mozilla shipped a patch to remedy the problem.
http://blog.mozilla.com/security/2007/11/30/critical-vulnerability-in-microsoft-metrics/
Posted on Reply
#25
3991vhtes
Microsoft is right. There are security holes in FF, but no one knows about them.
Posted on Reply
Add your own comment