Article Lead Image

Internet Explorer sets all-time record for security flaws

Fortunately, the fixes are coming faster than ever.


Patrick Howell O'Neill


Posted on Jul 24, 2014   Updated on May 30, 2021, 9:46 pm CDT

Security vulnerabilities in Microsoft’s Internet Explorer have more than doubled in the last year, setting a record high with 133 public software flaws reported in the first half of 2014.

Those numbers come from new research conducted by Bromium Labs and posted to the American National Vulnerability Database.

Internet Explorer, which accounts from more than a quarter of all browsers in use today, clocked in at triple the number of vulnerabilities reported for Mozilla Firefox and Google Chrome in the same period.

These vulnerabilities are diverse in nature and effect, with the potential to devastate and co-opt a victim’s computer if the attacker is successful.

Last year, both Chrome and Firefox had more vulnerabilities reported overall than Internet Explorer. Both browsers have cut down on flaws this year, in Chrome’s case decreasing the number by more than half.

“Bromium Labs believes that the browser will likely continue to be the sweet spot for attackers,” the report reads. “The notable aspect for this year thus far in 2014 is that Internet Explorer was the most patched and also one of the most exploited products, surpassing Oracle Java, Adobe Flash and others in the fray.”

Graph via Bromium

Internet Explorer, which had suffered from a poor security reputation for years before losing massive market share to competitors, has been making leaps forward.

Although vulnerabilities are being found extremely quickly, Microsoft is releasing patches to fix the problems faster than ever before in the browser’s history. The first patch for Internet Explorer 11 came just five days after its release in November 2013, the quickest-ever turnaround for Microsoft and a big improvement over the 90-day period that older versions experienced.

Photo via US Army (CC BY 2.0) | remix by Jason Reed


Share this article
*First Published: Jul 24, 2014, 2:12 pm CDT