I heard for year all about security and browsers. Well it time I put my 2 cents in on this issue.
1. In Windows Vista and in Windows 7 The new security model protect the computer with IE running in a security mode of less that user. When you install Firefox or any other browser you install them and then they run as user a higher level in the operating system.
The higher the level the applications runs at the higher the risk of an successful web attack through the browser.
For phishing Issues the report says…..
They report average phishing URL catch rate for browsers over the entire 14 day test period ranged from 2% for Safari 4 to 83% for Windows Internet Explorer 8. Internet Explorer 8 and Firefox 3 were the most consistent in the high level of protection they offered. Statistically, Internet Explorer 8 and Firefox 3 had a two-way tie for first, given the margin of error of 3.96%. Opera 10 beta came in third due to inconsistent protection during the test. Chrome 2 was consistent, albeit at a much lower rate of protection, and Safari offered minimal overall protection.
The report is here http://nsslabs.com/browser-security-malware-3Q2009
For issues on Malware the sites says……
Internet Explorer 8 caught 81% of the live threats, an exceptional score which surpassed the next best browser (Firefox 3) by a 54% margin. Windows Internet Explorer 8 improved 12% between Q1 and Q2 tests, evidence of concerted efforts Microsoft is making in the SmartScreen technology.
Firefox 3 caught 27% of live threats, far fewer than Internet Explorer 8. It was, however, the best among products utilizing the
Google SafeBrowsing API. (Note: Firefox 3.5 was not stable enough to be tested during the course of this test. A patch has subsequently become available to address the stability issue. We were able to manually verify that the protection was identical between versions 3.0.11 and 3.5).
Safari 4 caught 21% of live threats. Overall protection varied greatly, with two short periods of severe dips.
Chrome 2 caught just 7% of live threats an 8% drop from the previous test.
Opera 10 Beta caught a mere 1% of live threats, providing virtually no protection against socially engineered malware. In our test bed validation, we verified there was effectively no difference between Opera 9 and Opera 10 Beta.
The report is here
Thanks to a great site http://nsslabs.com/ for this information !