Mozilla is testing an update to Firefox that will fix the vulnerabilities found this weekend. That’s roughly two days since they were announced. I figure the final release will be later this week.

Now check out security firm Secunia’s pages on Known Firefox 1.x vulnerabilities and known IE 6.x vulnerabilities. Compare the number, severity and age of still-unpatched vulnerabilities. There are 2-year-old vulnerabilities in IE that have never been fixed!

This may help explain the “double standard” Photomatt and others see in the way many people react to security flaws found in the two browsers. If nothing else, Mozilla is perceived as having a faster reaction time and, overall, a better track record. So it’s a matter of “Eh, they’ll fix it in a few days,” vs. “My God, man, not another one!”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.