Exploits and unpatched critical vulnerabilities put the users of Internet Explorer at risk 77 percent of the time last year, according to the latest number crunching by Brian Krebs of the Washington Post's Security Fix blog.

Based on data published by Microsoft and interviews with researchers, Krebs found that critical security issues remained unpatched in Internet Explorer for 284 days during 2006. The Mozilla Foundation's Firefox browser only suffered a single period of vulnerability lasting nine days, according to the analysis.

Microsoft released Internet Explorer 7, a significantly rewritten version of its browser with a greater focus on security, in October. A week later, Mozilla released Firefox 2.0, the latest version of its browser. Both companies have compared their latest browsers' anti-phishing technology, but not necessarily focused on the time the software is vulnerable to critical flaws.





securityfocus.com