Windows is the most attacked platform in the world due to its ubiquity and, coincidently, it is also the operating system exposing users to risks for the shortest period of time. This context is a direct result of Microsoft’s baptism of fire in comparison with the providers of rival products.
Jeff Jones, a Security Strategy Director in Microsoft’s Trustworthy Computing group looked at the time users
of various operating systems were exposed to attacks in 2006. Jones compared all Mac OS X and Solaris versions patched in 2006, Windows 2000 (Professional and Server), and Windows XP, Windows Server 2003, Red Hat Enterprise Linux 2.1, 3 and 4, SUSE Linux Enterprise Server 8, 9 and 10, Novell Linux Desktop 9, and SUSE Linux Enterprise Desktop 10.
“Days-of-Risk (DoR) is a measurement of the time period of greatly increased risk from when a vulnerability has been publicly disclosed (and thus known and available to millions of script-kiddies and other malicious attackers) until a vendor patch is available to close the vulnerability,” Jones stated explaining how he understands the attack window, adding that “during 2006, Microsoft provided fixes for publicly disclosed vulnerabilities the quickest on average at about 29 days and Sun came in at the far end with the highest average DoR.”
While Microsoft resolved all vulnerabilities in an average of just 28.9 days, Apple took 46.12 days to do the same on Mac OS X, Novell only managed to deliver security updates after 73.89 days, Red Hat after 106.83 and Sun after 167.72 days. But Microsoft is also the first in terms of response when it comes to resolving critical vulnerabilities.
The Redmond Company addressed security flaws in its Windows operating systems the past year in an average of 22 days. Apple is runner up with 29 days, then comes Novell with 42 days, and Red Hat with 67 days and Sun with a staggering 188 days. There is no real way to measure the security Windows, Mac OS X, Linux or Sun Solaris are delivering to users. A platform that is not under attack will be the safest even if it is filled with security vulnerabilities. No exploits equals a safe heaven. However, what Jones illustrated with the statistics in the graphic on the left, is the fact that Microsoft is able to respond first to its users’ needs in comparison with all other rival vendors.
Windows, Mac OS X, Linux, Sun Solaris