What a ridiculous steaming pile of garbage. The entire premise upon which this "study" and it's conclusions are based is 100% backwards. Most software companies do not publicly report security vulnerabilities until they are fixed and that fix is released.
Also, a great many of the vulnerabilities in Firefox are discovered by Firefox developers and community members and patched before anyone on the outside even knows about them. And one path of inquiry into a vulnerability will often lead to the discovery of other related possible vulnerabilities which also end up fixed. There's even cases of vulnerabilities created by new code in development builds that is fixed long before the code that created the hole appears in a release version. Security contests like PWN-2-OWN make all discovered vulnerabilities known to the software developers before results of the contest are published, giving firms a chance to fix them... note that IE scores on PWN-2-OWN are sometimes redacted for these reasons. So instead of high numbers of published vulnerabilities representing "unsecure" software, it generally represents the exact opposite... active and aggressive security testing and fixing. So what's the least secure setup? Anything that hasn't been updated. Especially if it's Windows running IE and Java. _______________________________________________ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
