IE7 safer that Firefox.
Over the past 3 years, supported versions of Internet Explorer have experienced fewer vulnerabilities and fewer High severity vulnerabilities than Firefox, a result that stands in contrast to early assertions by Mozilla that Firefox ?won’t harbor nearly as many security flaws as those that have Microsoft’s Internet Explorer.?1
1 Mozilla President Baker in CNET article Mozilla: We’re more secure than Microsoft.
The analysis in this report uses a set of data that has been compiled, customized and cross-checked using several sources of data available on the Internet:
Microsoft Security Bulletins as published at http://www.microsoft.com/technet/security/current.aspx and associated web pages.
Mozilla Foundation Security Advisories as published at http://www.mozilla.org/security/announce/ and associated web pages.
The National Vulnerability Database (NVD) , a database superset of the Mitre CVE list (http://cve.mitre.org) which provides additional objective information concerning vulnerabilities was the source utilized for severity ratings and exploit complexity assessment. The NVD is also sponsored by the US Department of Homeland Security and makes their data downloadable in an XML format at http://nvd.nist.gov/download.cfm.
Many security websites were utilized for detailed verification and validation of vulnerability details, and especially dates for when the issue was first discussed publicly. Some of the most commonly utilized were: www.securityfocus.com, the Bugtraq mailing list, www.secunia.com, and www.securitytracker.com, but there were many others.