{"id":29,"date":"2008-01-17T18:29:44","date_gmt":"2008-01-18T01:29:44","guid":{"rendered":"http:\/\/blog.mozilla.org\/security\/2008\/01\/17\/read-past-the-headlines-firefox-is-fixed-faster\/"},"modified":"2008-01-17T18:29:44","modified_gmt":"2008-01-18T01:29:44","slug":"read-past-the-headlines-firefox-is-fixed-faster","status":"publish","type":"post","link":"https:\/\/blog.mozilla.org\/security\/2008\/01\/17\/read-past-the-headlines-firefox-is-fixed-faster\/","title":{"rendered":"Read past the headlines – Firefox is fixed faster"},"content":{"rendered":"

Secunia released a report<\/a> this week that discusses a few aspects of the security landscape for 2007.\u00a0 Techworld<\/em> ran a story based on this report with this headline: “Red Hat and Firefox more buggy than Microsoft<\/a>.”\u00a0 While the headline is misleading, the Techworld<\/em> article actually tells an interesting story.<\/p>\n

Counting security vulnerabilities to compare the security of different software projects is flawed.\u00a0 It is only a useful metric if you are comparing a project to itself over time.\u00a0 I’ve discussed this topic here<\/a> and here<\/a>.\u00a0 It’s even more ridiculous to try and compare an open source bug count to a closed source project because you can see all the bugs in an open source project.\u00a0 You can only see the publicly found security issues for a closed source product, like Internet Explorer.<\/p>\n

So what is interesting in the Techworld<\/em> article is the measures of real risk to users:<\/p>\n

‘[Z]ero-day’ security bugs in Firefox were patched more quickly than in Microsoft Internet Explorer…”<\/span><\/p>\n

[I]n an examination of zero-day flaws – reported by third parties before a patch was available – Secunia found that Firefox tended to get more patches, sooner, compared to IE.”<\/span><\/p>\n

Out of eight zero-day bugs reported for Firefox in 2007, five have been patched, three of those in just over a week. Out of 10 zero-day IE bugs, only three were patched and the shortest patch time was 85 days.”<\/span><\/p>\n

At Mozilla we work as hard as we can to ship fixes as soon as possible to minimize the exposure to our users.\u00a0 It is great to see that the efforts we are making to minimize risk to users are paying off.<\/p>\n","protected":false},"excerpt":{"rendered":"

Secunia released a report this week that discusses a few aspects of the security landscape for 2007.\u00a0 Techworld ran a story based on this report with this headline: “Red Hat … Read more<\/a><\/p>\n","protected":false},"author":48,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[78,71,69],"tags":[],"coauthors":[],"yoast_head":"\nRead past the headlines - Firefox is fixed faster - Mozilla Security Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.mozilla.org\/security\/2008\/01\/17\/read-past-the-headlines-firefox-is-fixed-faster\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Window Snyder\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/2008\/01\/17\/read-past-the-headlines-firefox-is-fixed-faster\/\",\"url\":\"https:\/\/blog.mozilla.org\/security\/2008\/01\/17\/read-past-the-headlines-firefox-is-fixed-faster\/\",\"name\":\"Read past the headlines - Firefox is fixed faster - Mozilla Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/#website\"},\"datePublished\":\"2008-01-18T01:29:44+00:00\",\"dateModified\":\"2008-01-18T01:29:44+00:00\",\"author\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/bcfe8d4a8562282caf71ca487f4a36f5\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/2008\/01\/17\/read-past-the-headlines-firefox-is-fixed-faster\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.mozilla.org\/security\/2008\/01\/17\/read-past-the-headlines-firefox-is-fixed-faster\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/2008\/01\/17\/read-past-the-headlines-firefox-is-fixed-faster\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.mozilla.org\/security\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Read past the headlines – Firefox is fixed faster\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#website\",\"url\":\"https:\/\/blog.mozilla.org\/security\/\",\"name\":\"Mozilla Security Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.mozilla.org\/security\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/bcfe8d4a8562282caf71ca487f4a36f5\",\"name\":\"Window Snyder\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/image\/ac9103056fd345532d56198464860a0a\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/73de47c5d7f96fbe0d5058c37ae1fefc?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/73de47c5d7f96fbe0d5058c37ae1fefc?s=96&d=identicon&r=g\",\"caption\":\"Window Snyder\"},\"sameAs\":[\"http:\/\/blog.mozilla.org\/security\/\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Read past the headlines - Firefox is fixed faster - Mozilla Security Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.mozilla.org\/security\/2008\/01\/17\/read-past-the-headlines-firefox-is-fixed-faster\/","twitter_misc":{"Written by":"Window Snyder","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/blog.mozilla.org\/security\/2008\/01\/17\/read-past-the-headlines-firefox-is-fixed-faster\/","url":"https:\/\/blog.mozilla.org\/security\/2008\/01\/17\/read-past-the-headlines-firefox-is-fixed-faster\/","name":"Read past the headlines - Firefox is fixed faster - Mozilla Security Blog","isPartOf":{"@id":"https:\/\/blog.mozilla.org\/security\/#website"},"datePublished":"2008-01-18T01:29:44+00:00","dateModified":"2008-01-18T01:29:44+00:00","author":{"@id":"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/bcfe8d4a8562282caf71ca487f4a36f5"},"breadcrumb":{"@id":"https:\/\/blog.mozilla.org\/security\/2008\/01\/17\/read-past-the-headlines-firefox-is-fixed-faster\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.mozilla.org\/security\/2008\/01\/17\/read-past-the-headlines-firefox-is-fixed-faster\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.mozilla.org\/security\/2008\/01\/17\/read-past-the-headlines-firefox-is-fixed-faster\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.mozilla.org\/security\/"},{"@type":"ListItem","position":2,"name":"Read past the headlines – Firefox is fixed faster"}]},{"@type":"WebSite","@id":"https:\/\/blog.mozilla.org\/security\/#website","url":"https:\/\/blog.mozilla.org\/security\/","name":"Mozilla Security Blog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.mozilla.org\/security\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/bcfe8d4a8562282caf71ca487f4a36f5","name":"Window Snyder","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/image\/ac9103056fd345532d56198464860a0a","url":"https:\/\/secure.gravatar.com\/avatar\/73de47c5d7f96fbe0d5058c37ae1fefc?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/73de47c5d7f96fbe0d5058c37ae1fefc?s=96&d=identicon&r=g","caption":"Window Snyder"},"sameAs":["http:\/\/blog.mozilla.org\/security\/"]}]}},"_links":{"self":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/posts\/29"}],"collection":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/users\/48"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/comments?post=29"}],"version-history":[{"count":0,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/posts\/29\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/media?parent=29"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/categories?post=29"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/tags?post=29"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/coauthors?post=29"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}