Jerry Nixon @Work: Browser Security Vulnerabilities

Jerry Nixon on Windows

Monday, October 24, 2011

Browser Security Vulnerabilities

First, let’s be honest. I’ve used Firefox for years and loved how fast it rendered web sites in comparison to Internet Explorer 8. And, wow, I have loved using Chrome – simply stunned at how fast it could render content, even in contrast to Firefox. But with Internet Explorer 9, that story changed. IE9 is a race horse.

I thought IE9 and Chrome were simply both amazing browsers.

It turns out, they are both fast, but they are not equal.

image

So, which is the most secure internet browser? According to National Vulnerability Database (http://web.nvd.nist.gov/) the multi-year trend for the top browsers is very telling. While no browser has improved year-over-year as much as Internet Explorer, it is Chrome that has the most dramatic trend – unfortunately, it’s in the wrong direction.

As Safari, Opera, and Chrome rapidly introduce features into their browsers they are also introducing security vulnerabilities. This 2004 – 2011 trend report really demonstrates this correlation. Each has started to play a larger role in the market against Internet Explorer – but with what appears to be a trade-off against security.

So, you might ask, how many of those vulnerabilities remain relevant today? This question has a different answer every single day. That’s because browser vendors are addressing their security vulnerabilities around-the-clock. My colleague, Sam Stokes, pulled together today’s numbers in an impressively verbose post on the subject here. His findings are as follows:

image

Congratulations Internet Explorer development team on creating an amazingly fast, full-featured browser with a no-compromise approach to security. And Chrome, I won’t be installing you just yet – but you need to start taking security more seriously if you want to stay around.