According to Symantec’s annual Internet Security Report, Windows is not only doing well in terms of security, it’s actually doing better than competitors when it comes to the most widely-used operating systems. The information for this report was gathered during the last six months of 2006, and some of the information they were looking at included how many vulnerabilities appeared, and how long on average it took for a patch to be released.
Microsoft:
- 39 vulnerabilities discovered
- 12 were high priority or severe
- On average, Microsoft took 21 days to fix them
Red Hat Linux
- 208 vulnerabilities discovered
- 2 considered high priority or severe, 130 were considered medium severity
- On average, it took 58 days to fix them
Apple
- 43 vulnerabilities discovered in Mac OS X
- 1 considered high priority or severe
- On average, it took 66 days to fix them
Microsoft is definitely on top of their game when it comes to issuing patches compared to the others, however they also had the most high priority patches to deal with. At the same time, they also had the best turn around for fixing them. Apple had the lowest number of high priority vulnerabilities, but they took the longest out of the three, on average to fix.
Because Microsoft has been a target for years, they’ve had to be aggressive with fixing these issues. Charles King, an analyst with Pund-IT when speaking to Internetnews.com explains that “there have been complaints in the past about Apple’s lack of response to security issues. But as Mac and Linux gain market share, they will have to respond much quicker.”
Seeing that Symantec is no real friend of Microsoft I think this is one report that, on the surface, can be trusted. Often Microsoft pays a company to do this kind of research and it usually favors Microsoft.
well, if its true, and i don’t have many reasons to think otherwise, it’s about time microsoft will be more responsible.
hopefully they will catch up with all the holes in IE as well.
i wonder what secunia has to say about these numbers.
To put that into perspective:
For Microsoft: Those are the 39/1,928,424 vulnerabilities discovered in the last 5 years.
For Apple: Those are the only 43 vulnerabilities ever discovered.
Of course I’m kidding…
I don’t know if they will ever catch up with the holes in IE simply because of the Active X technology. That is just a huge vulnerable spot for Microsoft and I don’t think it will start getting better anytime soon.
That was pretty funny!
Red Hat and Fedora are bad examples. They are considered to be like the least secure Linux distributions out there. I’ve read that in some Linux magazine. If they’d have reviewed Ubuntu instead, Linux would certainly have gotten a better score.
Yes, you’re definitely right. I just did a quick search over at the [nvd.nist.gov] and Ubuntu only has a few in the last several months.