14 DAY TRIAL // Drawing the line on Microsoft's 2006 from a security point of view produces a negative result. The Redmond Company patched a total of 133 Critical and Important vulnerabilities in the year that will come to an end this month. In 2006, Microsoft was far from delivering a comprehensive security environment with all of its products.
Another conclusion regards the evolution of the Critical and Important vulnerabilities affecting Microsoft's products in 2004, 2005 and 2006. In the context of Important vulnerabilities, Microsoft has maintained a level of stagnation. Across 2004, 2005 and 2006, the number of Important vulnerabilities has not exceeded 40. One aspect of the course of Microsoft Important vulnerabilities is that the number of flaws in 2006 is smaller that that of 2004.
Not to worry. Microsoft has compensated with Critical vulnerabilities. The volume of Critical flaws impacting Microsoft products has escalated in 2006. If for both 2004 and 2005 their number was somewhere between 20 and 40, in 2006, Microsoft is close to 100 Critical vulnerabilities. According to data compiled by McAfee, the amount of Critical Vulnerabilities has tripled compared to the two previous years.
And the bad news for Microsoft is that the year is still to come to an end. And Microsoft still has to deal with three different Critical vulnerabilities affecting Word. The Redmond Company's next security bulletin is scheduled for availability on January 9, 2007. But the amount of focus the three Word vulnerabilities are receiving will force Microsoft to issue and out of band security bulletins release.