Windows users were at risk for in-the-wild vulnerabilities fewer days on average last year than users of rival operating systems from Apple, Novell, Red Hat and Sun, a Microsoft executive claimed.
Jeff Jones, strategy director in Microsoft’s security technology unit, has posted findings that show Microsoft released patches for vulnerabilities in Windows overall — and Windows XP in particular — faster than its four competitors did for flaws in their software. A Symantec executive acknowledged that Jones’ data “reads accurate.”
In two entries on his CSO blog, Jones laid out his analysis of “days-of-risk,” a term that describes the time from when a vulnerability is announced or goes public, to when the vendor releases a fix. By Jones’ calculations, Windows — including 2000, XP and Server 2003 — boasted an average days-of-risk (or DoR) last year of just under 29 days, compared to Mac OS X’s 46 days, SuSE Linux Enterprise’s 74, Red Hat Enterprise Linux’s 107, and Sun Solaris’ whopping 168.
Microsoft, Patches, Vulnerabilities