All the latest UK technology news, reviews and analysis
|
|
|
22 Jun 2007
Microsoft has boasted in a new study that Windows Vista has needed fewer security patches than any other recently released desktop operating system.
"Windows Vista has an improved security vulnerability profile over its predecessor and a significantly better profile to comparable modern competitive operating systems," stated Jeff Jones, director of the Trustworthy Computing initiative at Microsoft's Security Business Unit.
The Windows Vista 6-month Vulnerability Report (PDF) compared the number of flaws during the 90 days after the application's launch for Windows Vista, Windows XP, Red Hat Enterprise Linux 4 (RHEL4) Workstation, Ubuntu 6.06 LTS, SuSE Linux Enterprise Desktop 10 (SLED10) and Apple Mac OS X. (Also see table on page two)
Vista beat the other operating systems on nearly all fronts, according to the report, logging the fewest fixed vulnerabilities and the fewest repairs with a severity rating of 'high'.
Microsoft's operating system ranked second in the number of unpatched flaws after 90 days, trailing behind only Windows XP.
Apple's OS X ranked third behind the two Windows versions, followed by Ubuntu, SLED10 and RHEL4.
Comparing the number of patched and disclosed vulnerabilities is a controversial method of comparing the security between products. Different operating systems have different features, offering attackers diverse ways to hit the software.
Jones attempted to pre-empt criticism over features by including a tweaked version of the three Linux distributions in his test.
The adapted version had been stripped of bundled applications that are not found in Windows or OS X, such as the OpenOffice productivity suite, as well as graphics and developer tools.
The number of fixes also failed to consider the popularity with attackers and security researchers. Because Windows is the predominant operating system, users run a greater risk of getting hit.
But this has also caused the software to be closely scrutinised by Microsoft and independent security researchers as they attempt to protect their clients.
Latest stories from Operating Systems
Related articles
Related jobs
Poll
What will be the biggest change to corporate technology in the future?
TFL director of Games transport Mark Evers discusses how the public transport network is preparing for this summer's event
Connect with V3.co.uk
The wrong printers, for the wrong tasks on the wrong contracts
Who leads the BI pack and who should we be watching out for?
Head of Compliance My client is currently seeking...
THis role is working for a multi national Financial organisation...
Professional Services Consultant - Data Protection, Backup...
Web Support Analyst (Drupal, Joomla or Wordpress, CMS...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Hearing them say this ...
I hope no one's going to accuse me of fanboyism. But I think we can all agree that, given Microsoft's track record, something definitely smells fishy about these numbers. One: They're basically talking about the number of security holes identified and fixed. Doesn't that mean the other OSes are _more_, not less, secure? Two: What are their numbers for people who got fed up with UAC, and either turned it off or just click "OK" every time it pops up?
Posted by: Jared Spurbeck 15 Nov 2007
Possible --> yeah likely!
It's possible that this is true. It's unlikely, knowing what a load of tripe comes out of Steve "I'm gonna f#(&ing kill Google" Ballmer's friends' mouths, especially when they want to keep their costs down. Anyway, just take into consideration that it is in fact true. How long did it take them to finally get one-up on Linux? How long did it take considering the frillions of pesos this company rips off of its customers, providing them with a system that maybe for once works. Consider that Stevie babee, when Linux jumps out at you tomorrow with the truth on the table illustrating the load of Bull-crap found in this article. What's more Stevie is that Linux still costs ... zip for me to do what I want to do with it. So why would I care?
Posted by: Rex Alfie Lee 19 Sep 2007
Puh
That's just bullshit. Windows sucks. Everything MS has made sucks Linux <3
Posted by: http://www.andersmoen.com 15 Jul 2007
"Enthusiastic espousal of unsupported evangelistic fervour"
That (see comment title) is exactly all that the (ignorant) users who commented this article before me have as (weak) argument against the fact that Vista is the most secure OS today, which (for the retards) is different from being the safest to use (and there are no arguments against facts, sorry).
Posted by: Filipe 26 Jun 2007
Trustwothy?????
"....Trustworthy Computing initiative at Microsoft's Security Business Unit" Trushtworthy, Microsoft and Security in the same sentence! Is there such a thing as a double oxymoron?
Posted by: William 23 Jun 2007
I wonder why?
Hmm Maybe because nobody uses it, therefor no users = no bugs
Posted by: Brian F 23 Jun 2007
OSX is ~25x more secure than Vista
Anyone can spin-doctor selected facts. With MS, they control how many discrete "fixes" go inside each of one of their patches, so by counting "patches" instead of "fixes", they're stacking the deck. The only real measure here is actual in-the-wild exploits. The score there is VISTA 1, OSX 0. When you then normalize this by exposure duration (months vs years), you see that OSX is demonstrably far more secure. Regardless of what people with a self-serving interest might *claim*. -hh
Posted by: -hh 23 Jun 2007
Hmmm, it is maybe that their TCI made the effort
But for the most part, it is seldom to see a windows update box. But when I log into my Ubuntu box, it will get updates to applications installed, including security updates from time to time. This is a real-word evidence.
Posted by: allan 22 Jun 2007
BS
Ok, apparently the guy who is being quoted works for MS. It is like a pimp telling someone he is not a prostitute and all of his girls are free of disease.
Posted by: Greg Orlowsky 22 Jun 2007
HA
ya i choose not to click a box like every 10 seconds saying allow or deny or ok or cancel or whatever those annoying security messages say. yeah anything can be secure if you ask you use the user to secure it.
Posted by: netro 22 Jun 2007
everything comes back to bite you in the ass
Id like to hear MS explanation to the fact that alot of the really critical flaws found in VIsta, have been fixed in XP years ago. That would be interesting to hear considering they have said it's the safest windows they have ever developed. Maybe Vista is all smoke and mirrors and a must sell to survive going forward.. I personally like Vista due to DX10 but i cannot see why its not a free upgrade to XP. People have been very patient ( 5years since release) with XP security and bugs, one would think MS could do something for their customer other then raising prices for a service pack... VISTA is a echo system reviver needing still more power from your PC and not to mention a costly Software upgrade.
Posted by: billG 22 Jun 2007
good job
good article. every mac fanboy needs to see this.
Posted by: brian 22 Jun 2007
Better methodology
Let's choose the methodology that really matters - what percentage of computers with each OS are infected with malware? This measure factors in all the relevant factors (inherent security, speed that patches are available, speed that patches are actually applied, amount of malware in circulation and so on). Last time I checked, the percentage of OS X boxes which are infected is infinitesimally small. Linux would also have a very small percentage. Windows, OTOH has something like 70% of computers infected from the most recent report I read. How about that, Microsoft?
Posted by: Joe Anonymous 22 Jun 2007
More secure, but...
Vista is a considerable improvement over XP, but the reasoning of this paper is flawed. The number of patches is the creteria to gauge how secure an OS is? How about actual breaches? I could just as easily say that the OS with the most patches is the most secure and not the other way around.
Posted by: Carlos 22 Jun 2007