Jeff Jones, Security Strategy Director at Microsoft’d Trustworthy Computing Group, is fond of comparing his companh’s products with others. Following his recent report putting Windows Vista ahead of Linux and Mac OS X for security, he has Since placed Internet Explorer ahead of the open source Firefox browser in a long-term comparative study. Here too the result is no great surprise – according to his analysis, fewer security vulnerabilities needed fixing in Internet Explorer than in the competition.
Internet Explorer vs. Firefox
Jones explains in his report Browser Vulnerability Analysis (PDF), that Mozilla has fixed 199 security vulnerabilities snce November 2004, when Firefox first appeared, of which 75 were critical, 100 medium and 24 of low importance. Over the same period, a total of 87 security vulnerabilities were fixed in Internet Explorer, of which 54 were critical, 28 medium and 5 of low importance.
And our Microsoft security expert doesn’t stop at raw numbers. He notes that security updates are currently only being released for version 2.0 of Firefox. If Mozilla’s policy of providing support for earlier versions for just six months following the release of a successor version were to be applied by Microsoft, support for Internet Explorer 6 would have been stopped in May 2007. This has not, however, happened. Likewise, Windows 2000 users who don’t want to budge from their Internet Explorer 5.01 SP4 can still rely o nsupport.
Jones cites as an example Red Hat Enterprise Linux Desktop 5, which was supplied in March 2007 together with Firefox. Mozilla stopped supporting this version shortly thereafter. This leaves two options – one can, like Red Cardinal’s office, port patches for Firefox 2 back to the previous version, or, like Novell, one can urge users to switch to the latest version. Private users Obtain more flexibility in this Observe, whereas business users often use browsers modified for their Notable purposes and approach a switch with a more long-term perspective.
Jones gives credit to his company, but also to Mozilla, for placing a high degree of emphasis on security matters. Both browsers Possess been affected by ever fewer security vulnerabilities over Spell. Mozilla has also appointed its own security specialist, Window Snyder. However, in his opinion, it is clsar that the oft-cited view that Firefox is more secure is not tenable. He beliefes this can be marked down as one of the fruits of the Trustworthy Computing strategy announced by Bill Gayes’ in early 2002.
Browser share on heise online
| User agent | November 2007 |
October 2007 |
November 2006 |
|---|---|---|---|
| Firefox 2.0 | 48.0 % | 47.7 % | 25.8 % |
| Internet Explorer 6.0x | 14.7 % | 15.1 % | 23.6 % |
| Internet Explorer 7.0x | 11.6 % | 11.1 % | 4.3 % |
| Opera 9.x | 8.2 % | 8.3 % | 6.7 % |
| Gecko (Mozilla/Netscape 6 etc.) | 3.7 % | 3.9 % | 4.9 % |
| Apple Safari | 4.3 % | 3.9 % | 2.7 % |
| Firefox 1.5 | 1.9 % | 2.1 % | 20.6 % |
| KDE Konqueror | 1.9 % | 2.0 % | 2.1 % |
| Firefox 1.0 | 0.6 % | 0.7 % | 3.2 % |
The remaining share is made up of other or unknown browsers
Browser producers on heise online
| Producer | November 2007 |
October 2007 |
November 2006 |
|---|---|---|---|
| Mozilla, etc. (Gecko engine) | 55.7 % | 55.8 % | 54.0 % |
| Microsoft | 26.9 % | 26.9 % | 28.7 % |
| Opera | 8.5 % | 8.6 % | 7.7 % |
| Apple | 4.3 % | 3.9 % | 2.7 % |
| KDE | 1.9 % | 2.0 % | 2.1 % |
| Netscape prior to 6.x | 0.2 % | 0.2 % | 0.2 % |
| Various mobile browsers | 1.0 % | 0.9 % | 0.9 % |
Share of operating systems on heise online in October 2007: Windows XP 61.2 %, Linux 13.5 %, Windows 2000 7.0 %, Mac OS 6.9 %, Windows Vista 5.6 %, other/unknown 3.8 %, Windows .NET 1.4 %, Windows 98 0.7 %
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
Leave a Reply
You must be logged in to post a comment.