False: Google Chrome is NOT the most vulnerable application of the year

These days there has been much buzz in the blogosphere about the list made by the security company Bit9 where Google Chrome supposedly appears as the most vulnerable application of the year, surpassing other known “strainers” full of security holes such as Adobe Flash and Internet Explorer.

This has caused a lot of commotion because since the first stable version came out, Google Chrome has been considered to be the most secure browser in existance, being for example the only one that hasn’t been possible to hack in the latest two Pwn2Own events, a contest that is celebrated every year and where hackers from around the world try to break down the security of various devices and applications.

Then, if it’s so secure, how could it possibly rank first in the list of the most vulnerable apps with 76 holes reported during the year? In the question lies the answer: Google Chrome is based on the open source Chromium Project, in whose development everyone can collaborate by contributing code and reporting vulnerabilities. Bit9’s list compiles the applications that have received the most reports, so it’s logical that software developed in collaboration such as Chrome, Firefox, and WebKit are in the Top Ten.

However, what Bit9 (or more precisely, the people sharing the news) don’t take into account is that all these flaws are solved as soon as they’re discovered, so the fact that Google Chrome has a large number of reports, rather than weighing against it, speaks in its favor, since it means that the program now has many fixed bugs; quite the opposite to applications that possibly had very few reports but that because of that have been left with many unresolved vulnerabilities.

In summary, browsing with Google Chrome is not as safe as before, but even safer; and in case someone is still not convinced, here there’s a list of 8 reasons to use it.