Windows Vista requires more patches than XP
Microsoft is touting Vista as being more secure than XP, but its own data shows the contrary to be true. Windows Vista has more security holes left open than Windows XP does. Six months after Vista's release, Microsoft has left more publicly announced Vista security holes and bugs unpatched than Windows XP had during the same time period.
According to ComputerWorld UK, Microsoft has patched 12 out of 27 bugs present in Vista during the six months since its release. XP, on the other hand, had 36 out of 39 vulnerabilities patched in the same time frame after release. From this standpoint, Vista does require more patches.
Microsoft claims that the unpatched bugs in Vista are of low risk and that fewer “critical” patches are needed for Vista, unlike XP, in which many of the problems were very serious security holes.
As far as high-risk security threats are concerned, Vista has one unpatched, compared with XP, which had two, again in the six-month time frame.
If you are to believe Microsoft, Windows XP had 23 “critical” bugs patched in six months, whereas Vista has needed only one since its release in November.
This data has been released by Microsoft in an attempt to show that its new Security Development Lifecycle (SDL) program is in fact working. Microsoft has even tried to make a comparison to Linux and OS X, which isn’t a fair comparison at all.
It’s too early to tell if any of this makes sense because Vista is still in the early stages of being accepted. Let’s wait and see how many problems Vista has when it is running on 95% of computers in the hands of businesses and consumers. When it is, it will be a far larger target for hackers and we will probably be running up to our chest in security holes, vulnerabilities and zero-day exploits.
June 22nd, 2007
With any luck at all, Vista won’t be around long enough to find out. It’s time for Microsoft to quit playing these games and quit trying to shove Vista down everyone’s throat.
June 22nd, 2007
Wow! Talk about spinning a story! The original story was that Vista experienced fewer security flaw disclosures by an order of magnitude in its first 6 months than OS X and several major Linux distributions. You can argue all you want about the validity of using public disclosures as a security flaw metric (although that argument would likely not apply to OS X, which is every bit as proprietary and locked down as Windows), but your interpretation of the story and shameless negligence for facts, evidence, and objectivity is quite baffling!
June 22nd, 2007
For purposes of this post, I was not interested in Mac OSX or Linux… you can’t compare those to Windows Vista or XP, as much as you would like to, it can’t be done. It can but it’s not a level playing field.
The report also considers high severity risks only, is that to say the minor ones don’t matter?
I don’t care how severe a risk is, if it’s there, it’s a risk and it should be patched.
June 24th, 2007
What a twist, let’s have some numbers, requoting a guy from
http://www.betanews.com/article/Vista_Security_Report_Raises_More_Doubts_Than_It_Relieves/1182530446
Let’s break that down:
Red Hat 4:
280 plugged
66 not plugged
Vista:
12 plugged
13 not plugged
Red Hat 4 has 53 more unpatched security holes than Vista.
However you look at it, Vista is the more secure one on the patching front, so I have no idea why people try and claim victory by the fact that they’ve patched 81% and someone else has patched ‘only’ 48%.
It is down to the number of unpatched flaws the system has as to how secure it is, not how wonderfully quickly (and the success rate) some have been patched.
Yes, severity comes into it; however at a certain point it doesn’t affect the decision any more as having 1 severe flaw and having 60 not-as-severe flaws is incomparable.
The one with 60 loses.
June 28th, 2007
“So, with respect to its predecessor product, Windows Vista seems to have a better initial 6 months, with one-third as many vulnerabilities fixed and with Windows Vista having only one High severity issue outstanding at the end of the 6-month period (against 2 in Windows XP).”
“In all four cases studied for the 6 month period after ship, Windows Vista appears to have a lower vulnerability fix and disclosure rate than the other products analyzed (Windows XP included), including the reduced Linux installations. This affirms the early results that we found after 90 days and provides a supporting indicator that the Microsoft Security Development Lifecycle process and heightened focus on security is having a positive impact on Microsoft Windows in terms of fewer vulnerabilities.”
Sorry, I know the truth hurts to retards like Jonathan Schlaffer and many readers here, but there are no arguments against facts.
And by the way: how interesting that we can truly believe Microsoft when their report supposedly concludes that Windows Vista requires more patches than XP, but when it concludes that “Windows XP had 23 critical bugs patched in six months where Vista has only needed one since it released in November” that only makes sense if we “are to believe Microsoft”. So basically, we are only allowed to believe Microsoft if they conclude their new products are worse than their previous or competing products/versions. Got it.
Regarding the “It’s too early to tell if any of this makes sense because Vista is still in the early stages of being accepted”: no, it’s not, because if Jonathan Schlaffer wasn’t a retard, he would know this report compares the first 6 months of Vista against the first 6 months of all other tested OS’s, not until now, so it’s a fair comparison, even more for the reason that, by this time, XP had fewer users than Vista has today, so with this report, we can conclude that, even being a bigger target, Vista is the most secure OS of all the OS’s tested.
I know it hurts, Jonathan Schlaffer and other retards, but it’s the truth.