Published at LXer:
Firefox, iTunes, and Skype were the top 3 applications in a list of 15 with the most security vulnerabilities, a Cambridge, Mass.-based security company said this week. The list from Bit9 calls out applications frequently downloaded by individuals (and thus perhaps not sanctioned by the enterprise) which have at least one critical vulnerability, and that rely on the end user, not the corporate IT department, to manually patch or upgrade to fix bugs. [FUD alert! Notice how the set of "applications" is artificially limited to those "that rely on the end user [...] to manually patch". This leaves out Microsoft Internet Explorer 6.x. I strongly recommend the author take a look at Secunia's Vulnerability Report for Microsoft Internet Explorer 6.x and compare it to Secunia's Vulnerability Report for Mozilla Firefox 1.x. MS IE6.x has 19 unpatched vulnerabilities. Firefox 1.x has 4. Even with all vendor patches applied, MS IE6.x has more unpatched, "moderately critical" vulnerabilities than the total number of unpatched vulnerabilities in Firefox 1.x. None of Firefox's unpatched vulnerabilities reach the level of "moderately critical". Put those numbers in your FUD-pipe and smoke 'em! -- grouch].