Secunia, a well-known computer security services provider, reported that open source browsers, such as Firefox, are more likely to be equipped with the latest security updates, rather than other proprietary Web browsers, like Internet Explorer or Opera.

 

The premise is based on an in-depth analysis carried out by Secunia over a period of five months, wherein the company relied on Software Inspector, an online tool that examines applications for the latest security updates. During the course of the study, nearly 350,000 software checks were performed before results were released.

 

According to the report, the percentage of browser users who missed security updates varies. At the low end (or high end, in terms of security preparedness) 5.19% of the total Firefox 2 users missing the patch, compared to 9.61% of IE6 and 5.40% of IE7 users. Opera 9.x was at the bottom of the heap with nearly 11.96% of its users missing updates.

 

“People have to choose to use Firefox,” explained Mike Cherry, an analyst with the Directions on Microsoft (News - Alert) research firm, in a statement. “Does that automatically preselect them into a more sophisticated user class that is more likely to install an update?”

Don Leatham, director of solutions and strategy with PatchLink, opines that users who installed Firefox and IE7 are more likely to maintain a regularly updated computer system and stay conversant with the latest updates. Since Firefox sends updates via its browser, these are likely more promptly addressed by users, rather than the ones that come through a slow, centralized updating mechanism, such as Windows Update.

 

“I think their actual execution, from a software standpoint, of letting the user know that Firefox needs to be updated is pretty good,” Leatham said.

 

The report also revealed that applications other than browsers were more at risk, as they were rarely patched. Indeed, Secunia said that around 28% of all software installed on the PCs it scanned were not completely updated. Media players head the list of the most vulnerable software, with QuickTime 7 leading at 33.14%, and WinAMP 5 next in line with 26.96% of the total installations without regular updates.

 

Secunia’s IT development manager, Jakob Balle, commented, “When it comes to other applications that don’t immediately seem that exposed, people tend to wait for an extended period of time before patching.”