Microsoft security strategy director Jeff Jones this week published a report comparing the security vulnerability profile for various high-profile operating systems in the 90 days of their existence. Surprisingly, Vista came out in front: Vista had 5 vulnerabilities in its first 90 days, one of them fixed, and one pending with a High severity rating. By comparison, XP had a total of 17 vulnerabilities in its first 90 days, 8 of which were rated High, when it shipped in 2001. The surprises, however, come when you compare the non-Microsoft competition. Mac OS X 10.4, a darling of the press, actually suffered from 20 vulnerabilities in its first 90 days, 8 of which were rated High. Worse, OS X 10.4 still suffered from 17 publicly disclosed but unpatched vulnerabilities at the end of those 90 days. “The data doesn’t support [Apple’s] marketing,” Jones writes. Linux fared even worse: Ubuntu 6.06 suffered from a whopping 71 vulnerabilities in its first 90 days, 27 of those rated High. And there were at least 29 unpatched vulnerabilities in that OS after the 90 day period ended. And so on. You can read the entire report (PDF), and look forward, as I am, to Jones’ 6-month and 1-year updates.
Microsoft, Windows Vista, OS X, Linux