Are you a big fan of Google Chrome? You might want to rethink that loyalty, because it turns out Google’s browser may actually be putting your security at risk. A new report claims that Google’s browser is currently the most vulnerable one on the market — with 303 individual security flaws and a cumulative total of 3,159.
This report comes from Atlas VPN (via Apple Insider(opens in new tab)), using data from the VuIDB vulnerability database, and covers the periods of January 1 to October 5 of 2022. But not only does the data claim Google has the most vulnerabilities, both currently and of cumulatively, it’s also the only major browser with vulnerabilities that were discovered in October 2022.
Mozilla Firefox has reportedly picked up 117 vulnerabilities so far, for an all-time total of 2,361, while 103 have been discovered in Microsoft Edge. While Edge’s vulnerability count is low, it’s also noted as being 61% higher than 2021. The browser has also only had 806 documented vulnerabilities since it was released, making the sudden increase particularly worrying.
Meanwhile, Apple’s Safari browser has 26 documented vulnerabilities this year, with an all-time total of 1,139 — which was noted as “some of the lowest vulnerability in years.” That said Opera has logged in zero vulnerabilities so far this year, with only 344 total documented issues.
It’s not clear whether this is because Opera is more secure than its rivals, or if its popularity is so small nobody’s looking for issues. According to StatCounter(opens in new tab), Opera had 2.25% of the browser market share in September 2022. That’s even less than Samsung Internet, which had 2.75% in the same period.
After this story was initially published, Google reached out with the following comment:
“Measuring a browser’s security based on vulnerabilities fixed in a given year isn’t a very useful metric. This is working as intended, as we continue to invest in fixing more issues every year so we keep our users safe. If a piece of software isn’t receiving regular security patches, that typically indicates a lack of investment in security, not the opposite.”
It’s worth mentioning that Chrome, Edge and Opera are all Chromium-based browsers, and would presumably share some of the same issues. That makes Opera’s zero vulnerability count all the more suspicious. Though it doesn’t discount the possibility that the Opera’s team is just really good at what they do.
Apple certainly does deserve some praise for the state of Safari’s security. The browser hit over a billion users back in May(opens in new tab), and StatCounter currently logs it as controlling 18.6% of the browser market — almost double the combined forces of Edge, Firefox and Opera.
Apple’s low vulnerability count makes Google’s look pretty poor by comparison. Especially since vulnerabilities were discovered so recently. With that in mind it might be enough to make you pull the trigger and switch to a different browser.
Just be aware that these counts are not a definitive list. It relies on people actually looking for, and finding vulnerabilities in the first place and doesn’t include any security holes that are hiding away. No matter which browser you use, it’s important to make a habit of keeping it updated; that way problems can be fixed as and when they’re found.