Firefox Faced More Flaws in 2008, But Fixed Them Faster

We’ve got two bits of good news, and one bit of bad news about Mozilla’s Firefox web browser. Starting with the bad news – in 2008, Fiefox suffered from considerably more security holes than Internet Explorer and Safari. However, the first bit of good news is that Mozilla was much faster at patching zero-day exploits, according to a report by Secunia. The zero-day flaws of Firefox were also less severe than those of IE. The other bit of good news is that Firefox’ upcoming Tracemonkey JavaScript engine is so good, the next Firefox release has been bumped from 3.1 to 3.5.

In 2008, Firefox faced 115 reported security flaws, which is nearly four times as many as any other popular web browser. Microsoft, Apple, and Opera respectively reported 31, 32, and 30 security flaws in their browser. It is valuable to note, though, that Firefox is an open-source product, and therefore, security flaws may be be dragged kicking and screaming into the light of day easier than with its closed-source brethren. Still, if that can account for such a major difference is debatable, at best.

Like I said, there is good news on the security front as well for Firefox. In 2008, Internet Explorer faced 6 zero-day flaws, two of which were rated “moderate” or “high” in severity. Firefox faced only three zero-day flaws in 2008, and none of them were labelled moderate or severe by Secunia. Mozilla also responded much, much faster to these zero-day flaws than Microsoft did, with three of them still unfixed in Internet Explorer (the higher-rated flaws were fixed, though).

The other bit of good news is Tracemonkey’s excellent performance, which, according to BetaNews, approaches that of Safari 4. Betanews believes that further down the development line of Firefox 3.1 3.5, it will be a neck-and-neck race. As a consequence, Mozilla will bump the version number from 3.1 to 3.5 for the next Firefox release.

38 Comments

  1. TaterSalad 2009-03-06 4:17 pm EST
  2. Hiev 2009-03-06 4:19 pm EST
    • Kroc 2009-03-06 4:33 pm EST
    • google_ninja 2009-03-06 7:08 pm EST
  3. Piranha 2009-03-06 4:35 pm EST
    • red_devel 2009-03-06 5:41 pm EST
    • Thom Holwerda 2009-03-06 6:24 pm EST
      • quodlibetor 2009-03-07 8:49 pm EST
    • smashIt 2009-03-06 6:26 pm EST
      • Hiev 2009-03-06 6:39 pm EST
        • sbergman27 2009-03-06 7:10 pm EST
          • vitae 2009-03-06 7:40 pm EST
          • sbergman27 2009-03-06 7:46 pm EST
          • google_ninja 2009-03-06 11:01 pm EST
        • groversonus 2009-03-07 12:28 am EST
          • Hiev 2009-03-07 2:40 am EST
        • lemur2 2009-03-07 1:12 pm EST
          • Hiev 2009-03-07 4:13 pm EST
          • lemur2 2009-03-08 9:12 am EST
          • Thom Holwerda 2009-03-08 12:12 pm EST
          • lemur2 2009-03-09 4:32 am EST
          • sbergman27 2009-03-07 4:45 pm EST
          • lemur2 2009-03-08 9:27 am EST
      • jabbotts 2009-03-06 8:39 pm EST
        • jabbotts 2009-03-09 1:16 pm EST
    • jabbotts 2009-03-06 8:35 pm EST
  4. twickline 2009-03-06 5:30 pm EST
  5. Lennie 2009-03-07 12:29 am EST
  6. Hakime 2009-03-07 4:18 am EST
    • spiderman 2009-03-07 2:52 pm EST
  7. looncraz 2009-03-07 6:04 am EST
    • rtehd 2009-03-07 8:10 am EST
    • lemur2 2009-03-07 1:18 pm EST
  8. raver31 2009-03-07 6:51 am EST
  9. spiderman 2009-03-07 3:13 pm EST
  10. mawrya 2009-03-09 9:45 pm EST