I'll try to feign surprise here...

As Mozilla and Microsoft executives argue about which browser - Firefox or Internet Explorer - is more secure, fans of the former have numbers on their side, says a security firm.
By Gregg Keizer

As Mozilla and Microsoft executives argue about which browser -- Firefox or Internet Explorer -- is more secure, fans of the former have numbers on their side, a Belgian security consultancy said this week.

According to Brussels-based ScanIT, users of Microsoft's Internet Explorer (IE) were "unsafe" 98 percent of the time during 2004, while Mozilla users -- which would include those using Mozilla and Firefox -- were "unsafe" only 15 percent of last year.
...
IE was vulnerable all but seven days of 2004, or 98 percent of the year. "There was only one period in 2004 when there were no publicly known remote code execution bugs," said ScanIT's report. "Between the 12th and the 19th of October. That means a fully patched Internet Explorer installation was known to be unsafe for 98 percent of 2004."

During 200 days (54 percent of the time), there was a worm or virus on the loose that exploited one of the unpatched IE vulnerabilities. (ScanIT's IE vulnerability timeline can be found here.)

In comparison, Firefox (and the other Mozilla browsers) was vulnerable only 56 days in 2004 (15 percent of the time) during off-and-on stretches starting in May. At no time in 2004 were worms or viruses circulating that exploited one of the unpatched Firefox vulnerabilities.