Just as Linux and Apple are perceived by default as the most secure operating systems on the market in comparison to Windows, Firefox has a big advantage over Internet Explorer in terms of user protection. And the customer perception of the two browsers has rubbed off on the latest versions Firefox 2.0 and Internet Explorer 7. But is it just a case of customer perception or is there any truth to this?

I thought I would compile a vulnerability background check for both Firefox 2.0 and Internet Explorer 7. For the sake of the argument, I only considered the browsers' history starting with November 2006 and ending with March 2007, since they had close launching dates toward the end of October.

In this period of time, I managed to get my hands on three security updates for Firefox 2.0. One made available on December 19, 2006, one on February 23, 2007 and the final one on March 20, 2007. The first count reveals that 17 vulnerabilities that impacted Firefox 2.0 were fixed since the open source browser was released.

Out of the 17 resolved security issues, no less than eight were critical. Three have a severity rating of high, another three were considered to pose only a moderate risk to users, and yet another three presented a low threat.

From Microsoft, I was able to identify a total of four Cumulative Security Updates for Internet Explorer for November 14, December 12, January 9 and February 13. In March 2007, Microsoft did not release any security updates and this also covers Internet Explorer. However, out of the four Cumulative Security Updates for Internet Explorer, the November and December releases do not affect Internet Explorer 7. And the remaining two security updates patch a total of three vulnerabilities in IE7, one critical, one moderate and one with a severity rating of low.