Test Center: How secure is Firefox?
Mozilla's popular Web browser is long on user-friendly features and third-party extensions, and short on granular security controlsFollow @rogeragrimes
Firefox does not automatically ask for elevation when installing, so be sure to run as administrator beforehand if you want it to install the browser into the normal Program Files folder in Windows Vista or another user-securable location. If installed on Vista, Firefox runs as a single process (Firefox.exe) with medium integrity, DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization) enabled, and file system and registry virtualization disabled. The latter is a feature in Vista that allows users to run applications without having administrative privileges.
[ See also "How secure is Google Chrome?" and "How secure is Opera?" Tomorrow: "How secure is Internet Explorer?" For more on browser security and protection against Web-borne threats, see Security Adviser and "Test Center: Browser security tools versus the evil Web." ]
Although add-ons such as NoScript, and plug-ins such as Adobe Flash, bring many useful capabilities to Firefox, at the same time they come with problems and security issues of their own. Firefox has a built-in add-on manager that allows you to browse available extensions, install and uninstall them, and enable and disable them, but again, they can't be enabled or disabled with per-site granularity.