Comments on: More Firefox security vulnerabilities http://www.edbott.com/weblog/?p=526 Helping PC users make sense of Microsoft software since 1991 Fri, 20 Nov 2009 18:54:09 -0700 http://wordpress.org/?v=2.8.6 hourly 1 By: Neil T. http://www.edbott.com/weblog/?p=526&cpage=1#comment-1002 Neil T. Wed, 31 Dec 1969 17:00:00 +0000 http://www.edbott.com/wordpress/?p=526#comment-1002 It is interesting reading. It makes me cringe when I see people saying "Firefox is secure" - it isn't. It is, however, apparently more secure than IE - one thing your article did not mention was the overall rating that Secunia gave IE and Firefox. Secunia currently rates Firefox as 'less critical', but IE as 'highly critical', due to some unpatched flaws that have been known for some time now. Of course, for all we know someone could find a stonkingly huge flaw in Firefox tomorrow and the balance would change entirely. But as it stands, Firefox is the more secure browser. It is interesting reading. It makes me cringe when I see people saying “Firefox is secure” – it isn’t. It is, however, apparently more secure than IE – one thing your article did not mention was the overall rating that Secunia gave IE and Firefox. Secunia currently rates Firefox as ‘less critical’, but IE as ‘highly critical’, due to some unpatched flaws that have been known for some time now.

Of course, for all we know someone could find a stonkingly huge flaw in Firefox tomorrow and the balance would change entirely. But as it stands, Firefox is the more secure browser.

]]> By: Ed Bott http://www.edbott.com/weblog/?p=526&cpage=1#comment-1003 Ed Bott Wed, 31 Dec 1969 17:00:00 +0000 http://www.edbott.com/wordpress/?p=526#comment-1003 Actually, that's NOT an "overall rating" of browser security. It is an indicator that shows the rating of the most severe unpatched vulnerability, as defined by Secunia. On the five-bars scale, Microsoft has at least one unpatched vulnerability that is at three bars, while the worst Firefox bug is at two bars. And if you look at the IE vulnerability in question, you see it's a pretty obscure bug that would require a specially crafted local share, and which Microsoft says is fixed. In general, I agree that using Firefox will keep the average user more secure. But is is NOT a panacea. Actually, that’s NOT an “overall rating” of browser security. It is an indicator that shows the rating of the most severe unpatched vulnerability, as defined by Secunia. On the five-bars scale, Microsoft has at least one unpatched vulnerability that is at three bars, while the worst Firefox bug is at two bars. And if you look at the IE vulnerability in question, you see it’s a pretty obscure bug that would require a specially crafted local share, and which Microsoft says is fixed.

In general, I agree that using Firefox will keep the average user more secure. But is is NOT a panacea.

]]>