Quantcast

Forum Login

feed image
Directory News Latest News

Microsoft Claims Firefox Less Secure Because Of Frequent Updates PDF Print E-mail

firefox.jpg
In what we feel is an egregious example of backward thinking, Microsoft's Security Strategy Director Jeff Jones claims in a rather controversial whitepaper that frequent security updates make Firefox more susceptible to exploits. From his Technet blog , Jeff writes...

 "Over the past few years, there has been much discussion of the need for improvements in browser security, but few hard data studies performed to support assertions concerning the security of available browsers."
In his white paper he examines exploit severity, version to version trends, and forms an overall analysis of how each browser is performing relative to existing exploits in a three year cycle.

In our opinion, the main flaws in his analysis are the following. To say merely that frequent updates are a root cause is a bit naive and self serving. From this, one would logically assume that less frequent updates to antivirus software would also be beneficial. Also, there's one huge flaw in the comparison. The fact that IE cannot be easily uninstalled, or easily fixed when it *is* exploited. When trouble does strike Internet Explorer, it oftentimes becomes an exercise in futility to repair it. Third party browsers like Firefox and Opera can simply be uninstalled, their folders erased, and their registry entries cleaned. This single fact makes an apples-to-apples comparison somewhat meaningless from a risk standpoint.

As Firefox 2.0's popularity has grown, especially in the last year, it is pretty obvious that Mozilla has had to be more proactive with security. With popularity comes the natural risk of becoming a more enticing target for vulnerabilities. We feel, on balance, that frequent updates along with Firefox's built in automatic updating system are wise moves for a browser trying to survive the modern Internet.

Add this page to your favorite Social Bookmarking websites
Reddit! Del.icio.us! Google! Live! Facebook! Slashdot! Technorati! StumbleUpon! MySpace! Yahoo! Free social bookmarking plugins and extensions for Joomla! websites!
Comments
Add NewSearchRSS
Typical Microsloth Think....
securityguru (68.119.201.xxx) 2007-12-03 02:09:22
Worrying about who's had to fix the most things over a time period turns it into a kindergarten playground extravaganza. The core reasons behind IE being behind the curve have less to do with exploits themselves, and more to do with the end users who don't know about or care about alternatives. Secondly, the wedged-directly-into-the-heart-of-the-OS aspect of IE makes it a real bugger to fix when things go sour. Firefox and Opera are way better in this regard.
Reply | Quote
0 0
Completely dishonest
Nilotpal (221.134.12.xxx) 2007-12-04 07:25:46
The internally fixed bugs are kept secret and fixed in their service packs. A better indicator of security is what is the time the user is unpatched and unprotected. Firefox and Opera are better than IE at this. check this [url]http:// freewebsoftwarerevie
ws.blogspot.com[/url]
Reply | Quote
0 0
Write comment
Name:
Website:
Title:
UBBCode:
[b] [i] [u] [url] [quote] [code] [img] 
 
Security Image
Please input the anti-spam code that you can read in the image.

Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved.
 
© 2003-2008 Fastsilicon Media. All Rights Reserved