In the same MyITForum.com newsletter where I got this other tantalizing piece of IE info, I also read a pass-through post where Robert Hensing deconstructs some misinformation posted by the USA Today. Specifically, he finds that in reading through the lists of vulnerabilities by browser edition, IE7 on Windows Vista has shown significantly fewer vulnerabilities than Firefox. For 2007, IE7 had 40 unique vulnerabilities, while Firefox had 67. For 2008, IE7 has seen 3 vulnerabilties so far, while Firefox has seen 24.

The main reason for this, as I've mentioned before, has to do with the incorporation of integrity levels within the Vista core OS. Robert writes:

Finally let us not forget that IE7 on Vista runs at LOW integrity preventing write access to the majority of the file system and registry so standard off the shelf exploits written for IE7 that assume the user has write access to various ASEPs will fail to install persistent malicious software on Vista whereas that's not the case with FF 2.x and 3.x which run at Medium IL and therefore have write access to the per-user ASEPs on the system allowing exploits to quite easily backdoor a users profile.

So not only is IE7 less likely to have a security defect than FireFox - it's also a safer browser to run on Vista. IMHO this is probably one of the biggest reasons Vista is so much less likely to have malware on it when compared to even XPSP2.

Taking this info to the next level, in this "argument" over at Concentrated Technology I discuss the virtues of security as a major (though terribly un-sexy) justification for the upgrade to Vista. I argue that improved security :: reduced downtime :: improved worker productivity :: positive impact on the corporate bottom line. The lines in this argument, I'll admit, are thin. But, there is important value in recognizing that when workers aren't forced to regularly fix or re-image their workstations because of exploits, they spend more time working and less time waiting for help desk technicians to assist.