With the recent popularity of Firefox, hackers are beginning to go after it in larger numbers in an effort to uncover -- and exploit -- any vulnerabilities, he said.

Mike Schroepfer, director of engineering for the Mozilla open-source project, which develops the Firefox browser, questioned the Symantec numbers.

"Vendors tend to report vulnerabilities differently," Schroepfer said. Microsoft tends to group several confirmed vulnerabilities together in one announcement and patch, whereas Mozilla announces each confirmed vulnerability individually. That skews the number of confirmed vulnerabilities.

Other security monitoring companies, such as Secunia in Copenhagen, Denmark, show different results, he said. Recent Secunia vulnerability reports show 19 unpatched Internet Explorer 6 vulnerabilities, compared to three unpatched Firefox 1.0 vulnerabilities, he said.

"In general, we still believe Firefox is the safest browser around," he said. In addition, the open-source development model used for Mozilla allows vulnerabilities to be found and fixed much faster, making it easier to patch. "It speeds the time when we discover and patch these vulnerabilities, which I think is more important."