IE v Firefox: fist fight over security claims

Microsoft: We're more secure. Mozilla: No, we are!

A war of words has broken out between Microsoft and Mozilla over the security of the two companies' internet browsers. The Internet Explorer versus Firefox battle has been rumbling ever since Firefox launched three years ago.

But while Microsoft's Internet Explorer has been blighted by security scares, Firefox seems to have scooted along relatively issue-free. Or has it? Jeff Jones at Microsoft disagrees, and has recently published a report which says that IE is actually a more secure browser than Firefox.

"Since the release of Firefox 1.0 in November 2004, Mozilla has fixed 199 vulnerabilities in supported Firefox products - 75 high severity, 100 medium severity and 24 low severity," he says.

"In the same timeframe, Microsoft has fixed 87 total vulnerabilities affecting all supported versions of Internet Explorer - 54 high severity, 28 medium severity, and 5 low severity. This is charted in Figure 1."

Mozilla has the rage

In his report, he goes on to list all the reasons why he thinks Firefox is a less secure browser. And by all accounts, this has sent the hotshots in the Mozilla camp into a frenzied rage.

"Just because dentists fix more teeth in America doesn't mean our teeth are worse than in Africa," Mozilla's Mike Shaver told eWEEK in an interesting parallel that must have taken him days to figure out.

"It's something you'd expect from maybe an undergrad," he said. "It's very disappointing to see somebody in a senior security position come out and say that because an organisation is more transparent about their bugs and fixing them, they're somehow less secure."

Quite who is the winner is a matter of debate, since both sides' comments should probably be taken with a rather large pinch of salt.


Reviews Editor

James (Twitter, ) oversees the reviews we publish on the site and also edits the TV, AV, Gaming, Car Tech and Gadgets channels. He's been in the field for 13 years, and travels all over the world to attend tech shows, product launches and cult gatherings. James' opinions have been inflicted on audiences of BBC TV, Radio 5 Live, The Guardian, local radio and various magazines and he's a grizzled veteran of most tech shows but will never again to return to CeBIT (no means no).