
Re: Vista more secure than Linux says MS Security Business unit ..

____/ Doug Mentohl on Friday 22 June 2007 16:41 : \____

> "Vista beat the other operating systems on nearly all fronts, according
> to the report, logging the fewest fixed vulnerabilities and the fewest
> repairs with a severity rating of 'high'"
> 
> "Apple's OS X ranked third behind the two Windows versions, followed by
> Ubuntu, SLED10 and RHEL4"
> 
> http://www.vnunet.com/vnunet/news/2192615/microsoft-claims-vista-secure
> 
> WINDOWS VISTA 6-MONTH VULNERABILITY REPORT
> 
> "in my opinion, it does seem like there are more researchers, better
> trained, and with better tools and techniques than ever before –
> creating an ecosystem better able to find and disclose security
> vulnerabilities"
> 
> http://www.csoonline.com/pdf/6_Month_Vista_Vuln_Report.pdf
> 
> It's not the number of researchers, but the number of hackers that is
> important. And it isn't the most reported vulnerabilities but the number
> of actual breaches.

There's a lot more to this. I'll spew out some links and excerpts:

Microsoft is Counting Bugs Again

,----[ Quote ]
| Sorry, but Microsoft's self-evaluating security counting isn't really a 
| good accounting.
| 
| [...]
| 
| The point: Don't count on security flaw counting. The real flaw is 
| the counting.
`----

http://www.microsoft-watch.com/content/security/microsoft_is_counting_bugs_again.html?kc=MWRSS02129TX1K0000535

Microsoft Better at Patching XP Than Vista

,----[ Quote ]
| A Microsoft Corp. security executive released data Thursday showing that, 
| six months after shipping Windows Vista, his company has left more 
| publicly disclosed Vista bugs unpatched than it did with Windows XP.
|
| [...]
|
| "This is an apples-to-oranges comparison," said HD Moore, one of the hackers 
| behind the popular Metasploit penetration testing toolkit. "If you want a 
| more accurate view, try comparing the number of flaws between 
| Microsoft-developed software and vendor-X-developed software. Most Linux 
| vendors don't actually write the majority of the packages they include," he 
| said via e-mail.     
|
| "Alternatively, force Microsoft to include all vulnerabilities in common  
| third-party software," he added. "For example, the thousands of exploitable 
| ActiveX controls that... vendors include with a Windows system." 
`----

http://news.yahoo.com/s/pcworld/20070622/tc_pcworld/133308

Skeletons in Microsoft’s Patch Day closet

,----[ Quote ]
| This is the first time I’ve seen Microsoft prominently admit to silently 
| fixing vulnerabilities in its bulletins — a controversial practice that 
| effectively reduces the number of publicly documented bug fixes (for those 
| keeping count) and affects patch management/deployment decisions.   
`----

http://blogs.zdnet.com/security/?p=316


Beware of undisclosed Microsoft patches

,----[ Quote ]
| Forget for a moment whether Microsoft is throwing off patch counts 
| that Microsoft brass use to compare its security record with those 
| of its competitors. What do you think of Redmond’s silent patching 
| practice?
`----

http://blogs.zdnet.com/microsoft/?p=527

-- 
                ~~ Best of wishes

For governments that eavesdrop, here is a quick list of tags: Communism,
Hawaiian shirts, China, Suitcase, Martha Stewart, Encryption, Prison, Stalin.
Thanks for tuning in.
http://Schestowitz.com  |    RHAT Linux     |     PGP-Key: 0x74572E8E
 00:20:03 up 6 days,  5:48,  6 users,  load average: 1.74, 1.96, 1.61
      http://iuron.com - Open Source knowledge engine project
