From the
Patches are a Good ThingTM dept.:
The Mozilla Foundation plans to develop a better model for gauging the security of its Firefox web browser. In contrast to Microsoft, the number of officially provided security updates is not to be the sole parameter used. According to the method in which Microsoft measures security, an absence of patches would equate to a high degree of security. The Microsoft approach is further illustrated by its claim that Vista is still more secure than other operating systems. In contrast to this approach, the Mozilla Foundation wants its evaluation to include a variety of factors involved in the development process and the techniques and tools used in it. The sequence of the process from the time a security vulnerability is reported until a patch is distributed is also to be analysed.
heise-online.co.uk