George Ou writes, in his ZDNet blog:What George fails to investigate is whether the open-source nature of Firefox accelerates the vulnerability discovery process when compared to Internet Explorer. He also doesn't make any mention of the time between discovery and fix availability.Last week's premature disclosure of a zero-day Firefox exploit came a few weeks after a zero-day exploit for Internet Explorer appeared on the Internet. Firefox not only has more vulnerabilities per month than Internet Explorer, but it is now surpassing Internet Explorer for the number of exploits available for public download in recent months.
...the facade that Firefox is the cure to the Internet Explorer security blues is quickly fading. It just goes to prove that any popular software worth hacking that has security vulnerabilities will eventually have to deal with live working exploits. Firefox mostly managed to stay under the radar from hackers before April of 2005. Since that time, new exploits are being released almost on a monthly basis.
That's not to say I'm defending Firefox here. It has grown in popularity so it is going to be a hacker target. A piece of software without bugs doesn't exist, however, so it's all about how you deal with them. Do Microsoft or the Mozilla Corporation deal with them better? That I cannot answer.