Internet Explorer Security - By The Numbers

Computer security wonk Brian Krebs has an interesting article on Internet Explorer and it's security status. If you only count reported vulnerabilities, Internet Explorer fares well against Chrome, Firefox, etc. If you consider only vulnerabilities that are actively exploited, the picture is quite different. For example, Krebs calculated that in 2011 there were 297 reported vulnerabilities for Google Chrome, 97 for Mozilla Firefox and 45 for Internet Explorer.
If we count just the critical zero-days, there were at least 89 non-overlapping days (about three months) between the beginning of 2011 and Sept. 2012 in which IE zero-day vulnerabilities were actively being exploited.

For that same time period, I couldn’t find any evidence that malicious hackers had exploited publicly-disclosed vulnerabilities in Chrome or Firefox before those flaws were fixed.

No comments:

Post a Comment