Homepage tabWindows tabGames tabDrivers tabMac tabLinux tabScripts buttonMobile tabHandheld tabGadgets tabNews tab


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home / News / Microsoft / Windows

Windows

Vista Is the Fairest - Red Hat Linux, Ubuntu, Leopard and Tiger Just a Mess

Claims Microsoft

By Marius Oiaga, Technology News Editor

15th of May 2008, 17:41 GMT

Adjust text size:


Mac computers
Enlarge picture
Windows Vista is untouchable as far as security is concerned, according to Microsoft. In what has become a traditional operating system vulnerability measuring contest, Jeff Jones, Security Strategy Director in Microsoft's Trustworthy Computing group, has compared Windows Vista, Windows XP SP2, Red Hat Enterprise Linux Desktop (v. 5 client), Red Hat Enterprise Linux WS (V. 4), Ubuntu 6.06 LTS Desktop, Apple Mac OS X 10.5 (Leopard) and Apple Mac OS X 10.4 (Tiger). In terms of the sheer volume of vulnerabilities, Vista, with the least amount of security flaws, managed to come on top of all rival operating systems, with Jones placing a focus on Mac OS X.

"For January through March of 2008, Mac OS X users experienced the highest number of vulnerabilities as well as the highest number of High severity vulnerabilities while Windows Vista users experienced the fewest and the fewest High severity vulnerabilities", Jones stated, taking a shot at Apple's operating system advertised as secure by default. But at the same time neither Apple's marketing, nor Microsoft's vulnerability hunting games are an accurate measure of the security delivered by the operating systems enumerated in the first paragraph.

In the first quarter of 2008, Microsoft released 6 Security Bulletins patching 6 Critical and 3 Important vulnerabilities in Vista. No less than 8 Security Bulletins were needed in order to address 12 holes in XP SP2, including 7 Critical, 3 Important, and 2 Moderate vulnerabilities.

"During the first three months of 2008, Red Hat released a total of 19 Security Advisories in 12 different patch events that addressed 60 vulnerabilities in the desktop components of RHELD5. (...) During the first three months of 2008, Red Hat released a total of 18 Security Advisories in 14 different patch events that addressed 75 vulnerabilities in the desktop components of RHEL4WS", Jones added.

Vulnerability Statistics
Enlarge picture
Ubuntu 6.06 LTS had a total of 54 security vulnerabilities patched via 15 Security Notices in the first three months of this year. No less than 17 of the vulnerabilities carried a severity rating of Critical. During the same time, Jones revealed that "Apple released a total of 6 Security Updates in 5 different patch events that addressed 83 vulnerabilities in Mac OS X 10.5 (Leopard). [And] 5 Security Updates in 5 patch events that addressed 81 vulnerabilities in Mac OS X 10.4 (Tiger)."

Jones turned to the CVSSv2 ratings from the NVD for the severity of Mac OS X vulnerabilities and found that 28 flaws affecting Leopard were High, 48 Medium and 7 Low. At the same time 25 vulnerabilities in Tiger were labeled with a severity rating of High, 54 Medium and 2 vulnerabilities Low.

"Users of Mac OS X 10.5 (Leopard) fared the worst for the first 3 months of the year, experiencing triple the number of High severity vulnerabilities of Windows Vista users (double the number of High severity vulnerabilities as the latest Red Hat desktop client)", Jones concluded.

TAGS:

 Windows Vista | Windows XP | Ubuntu | Red Hat Linux | Mac OS X
Read by 2,975 user(s) | Add comment | Link to this article TWEET THIS


Article rating:
Poor (1.6/5) 15 vote(s)    

Subscribe to news | Print article | Send to friend

© Copyright 2001-2009 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Microsoft Still Shooting at XP SP2 with the Vista Gun - No Kill

Forget Vista SP1, Microsoft Made an Alternative for Download

No Rush to Resolve Slipstreamed XP SP3 Product Key Issues

Microsoft: XP vs. Vista Is the Same as Apples vs. Oranges

Windows Malicious Software Removal Tool for Vista SP1 and XP SP3

Vista SP1 and XP SP3 Dodge the Latest Release of Security Patches

2 Year Old Critical Vulnerability Comes Back to Haunt XP SP3 RTM

User opinions:


Comment #1 by: Keith on 15 May 2008, 23:21 GMT reply to this comment

Why would they use Ubuntu 6.06 LTS Desktop in this report? Why not use a newer version? Next what applications had the security flaw, and is it related to the operating system.

This doesn't seem like a fair report.


Comment #2 by: Jawsh on 15 May 2008, 23:21 GMT reply to this comment

Dear lord, they are at it again. Of course Microsoft is going to promote their own products but their ideas on measuring security are flawed. Measuring the amount of patches only states one thing: that vendors are patching flaws... Microsoft having less patches only says that microsoft is patching less. The reasons could be that there actually are less security patches needed (which suggests that all OSs start at a similar security base) or that Microsoft is not patching their stuff. They could easily skew the results by not patching their stuff. Obviously, with all the Microsoft vulnerabilities that are executed, there is reason to believe that Microsoft vulnerabilities are more common. One of Microsofts' problems is that they only ship patches once a month... and in that time, they do not ship many.
You can not say that these other systems are not targeted either. Mac OS Leopard recently lost at the security conference CanSecWest where laptops loaded with one of each OS (Vista, Leopard, Ubuntu). Vista fell soon thereafter and Linux was not hacked. At this conference, the incentive was a lot of money... therefore the easiest to hack would be the first to go.
Apache has about 50% of the web server market. It is obviously very popular and, running on a Linux system, would be very targetable but we do not hear much about those kinds of flaws. When the creators do find one, they are fixed quickly, distributed, and problems are diverted.
Microsoft is trying way too desperately. Create a product that is well written instead of attacking others.


Comment #3 by: Napoleon Courtney on 30 May 2008, 19:21 GMT reply to this comment

Considering that Vista has yet to be deployed on as many desktops as XP, Mac OS X, Red Hat EL 4 which is usually an indicator for Microsoft products, the fact that Microsoft is install on approximately 80% of the computers in the world, as more people and institutions upgrade to Vista, the number of event patches will also rise as the OS is put on various machines.

Considering that the other OS's don't have nearly the support from OEM's and hardware manufacturers, and third party software vendors, the number of patches the other OS's relatively small compared to their combined share of the computer market.

Mac and Linux users are much more likely to report problems with those operating systems, than most Microsoft users. For the number programmers Microsoft employs, when they release a new operating system I'm surprised they have any problems at all.

They have more than enough people to code, debug, and test all their products, as well as all the third party support.

Why wouldn't they have a stable, secure and reliable operating system right out the box?

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 




Windows tabGames tabDrivers tabMac tabLinux tabScripts tabMobile tabHandheld tabGadgets tabNews tab

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2009 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive