ZDNet UK: Testing Times for Open Source

“It’s rare that Microsoft code gets tested against all comers,
and comes out the resounding victor. It’s even rarer when the
testing involves browser security. But that’s just what’s happened.
A programmer called Michal Zalewski wrote a utility to generate
chunks of badly formed HTML–stuff that breaks all the rules–and
throw it at a selection of browsers. IE swallowed it all and kept
on running. Opera, Firefox, Mozilla and Lynx regularly crashed. His
report on Bugtraq makes sobering reading: single-handedly, he’s
found a whole host of potential exploits in a wide selection of
browsers. But none in IE–how has Microsoft got something so right
while everyone else is in trouble…?”

Complete Story