IE loses market share as trend reverses

A series of highly publicized security vulnerabilities found in Microsoft Corp.'s Internet Explorer Web browser may be having an effect on the browser's market share, according to data compiled by WebSideStory Inc., a San Diego Web metrics company. Over the last month, Internet Explorer's share of the browser market dropped by 1 percent, the first noticeable decline since WebSideStory began tracking the browser market in late 1999.

"It's the first time that we've seen a sustained trend downward for them," said Geoff Johnston, an analyst with WebSideStory. "We have a very steady trend. It's been about a month, and every day we have a steady incremental change."

Internet Explorer has held more than 95 percent of the browser market since June 2002, and until June had remained steady with about 95.7 percent of the browser market, according to WebSideStory's measurements. Over the last month, however, its market share has slowly dropped from 95.73 percent on June 4 to 94.73 percent on July 6.

A loss of 1 percent of the market may not mean much to Microsoft, but it translates into a large growth, proportionately, in the number of users running Mozilla and Netscape-based browsers. Mozilla and Netscape's combined market share has increased by 26 percent, rising from 3.21 percent of the market in June to 4.05 percent in July, Johnston said.

"It takes a lot to get someone to change their browser. It's been years since anyone has been willing to do this in significant numbers," he said.

WebSideStory's estimates are based on a daily survey of about 30 million browsers hitting thousands of different Web sites that use the company's Web analytics software, Johnston said.

Downloads of the Mozilla Foundation's Firefox browser have been increasing since version 0.8 of Firefox was released in February, said Mozilla spokesman Bart Decrem, but the open source project saw a major spike in downloads at the end of June, following reports of the so-called Download.Ject vulnerability in Internet Explorer that could allow attackers to trick users into loading insecure content.

"What we noticed after the security stories broke on June 28 was that the daily download volume doubled," said Decrem, who said that the number of Mozilla downloads then hit 200,000 copies per day.

A June United States Computer Emergency Readiness Team (CERT) advisory recommending users stop using IE contributed to Mozilla's momentum, as did a number of favorable reviews in mainstream publications such as USA Today and Slate, Decrem said.

Because Mozilla browsers do not use the "Trusted Zones" security model employed by Microsoft, they are less vulnerable to attacks like Download.Ject, he said.

Of course, Mozilla isn't immune to security flaws. Earlier this week, Mozilla developers issued a patch for a browser vulnerability that could allow an attacker to execute existing applications on a Windows system.

Microsoft shares its users' concerns over security and encourages users to "examine all options," a company spokesman said in an e-mail statement. The company believes that factors such as functionality and manageability, "as well as security backed by the processes and engineering discipline employed by Microsoft," will convince users that IE is the best choice, he said.