Symantec released a report comparing Mozilla Firefox vs. Windows Explorer, and found that Firefox had more security flaws, but Explorer's were more severe. The report also disclosed statistics on a number of other concerns involving Internet Security.
Using data collected between January and June 2005, Mozilla's browsers suffered 25 vendor-confirmed bugs, and Internet Explorer had 13. 72 percent of Mozilla's bugs (18) were tagged as "high severity", and 8 of IE's bugs were tagged as high.
Symantec's report also mentions:
* Bot activity continues to rise, to an average level of 10,352 bots per day
* Malicious code for mobile devies made headway. The first MMS worm was discovered
* Phishing and spam continued to grow. 90 % more messages blocked. Spam made up over 61 percent of all email traffic
* TCP Port 445, the common port for Microsoft file and print sharing, was the most frequently target port. Port 135, a port for Microsoft Windows communication, came in second place. Port 1026 UDP was listed in third place.
* 10,866 new Win32 viruses were detected, a 48% increase over the second half of 2004.
* Adware made up 8% of the top 50 reported programs
* Eight of 10 adware programs were installed through web browsers.
* 51% of all spam received worldwide originated in the US
Symantec's report also shows that malicious code designed to generate profit is on the rise. The report also commented that Mozilla fixes browser problems more quickly than other vendors. The report mentioned that Microsoft releases fixes on a fixed schedule, rather than when the fix is develped and completed.
In the event readers are curious about other operating systems besides Windows:
* Opera had 6 vulnerabilities: 3 rated at high
* Safari had 2 vulnerabilities: 1 rated high, and 1 moderate
* Konqueror had 2 vulnerabilities: 1 rated high, and 1 moderate
The report also mentioned that Mac OS X attack problems were relatively constant, but Symantec noted that the OS could be attacked with rootkit programs. The report encouraged Mac OS X readers to be aware of potental rootkit issues.
The full report is available from Symantec's website for download. A very in-depth read.