blogs.zdnet.com/security/?p=758
Larry Dignan Tracking the hackers, with George Ou Subscribe Alerts Bio Mobile
Pick a blog category Apple Black Hat Black Hat Federal Blogroll Botnets Browsers Cisco Contributors Data theft Digital rights management Exploit code Firefox Google Hackers Hirings and firings McAfee Metasploit Microsoft Mozilla Open source Oracle Passwords Patch Watch Pen testing Piracy Privacy Punditocracy Responsible disclosure Rootkits Spam and Phishing Spyware and Adware Symantec Uncategorized Viruses and Worms Vulnerability research Wi-Fi security Windows Vista Wireless Zero-day attacks December 18th, 2007
Mac versus Windows vulnerability stats for 2007
Posted by George Ou @ 7:14 am
Categories: Patch Watch, Apple, Microsoft, Windows Vista, Vulnerability research
Tags: Apple Macintosh, Vulnerability, Microsoft Windows Vista, Flaw, Microsoft Windows, Microsoft Windows Vista (Longhorn), Apple Mac OS X, Apple Mac OS, Microsoft Windows XP, Operating Systems, Security, Software, george.ou
317 TalkBacks Share Digg Del.ico.us Sphere Blog This Print Email Recommend Don't Recommend +1486
The year 2007 has been an interesting year that brought us improved security with Windows Vista and Mac OS X Leopard (10.5). But to get some perspective of how many publicly known holes found in these two operating systems, I’ve compiled all the security flaws in Mac OS X and Windows XP and Vista and placed them side by side. This is significant because it shows a trend that can give us a good estimate for how many flaws we can expect to find in the coming months. The more monthly flaws there are in the historical trend, the more likely it is that someone will find a hole to exploit in the future. For example back in April of this year, hackers took over a fully patched Macbook and won $10,000 plus the Macbook they hacked.
I used vulnerability statistics from an impartial third party vendor Secunia and I broke them down by Windows XP flaws, Vista flaws, and Mac OS X flaws. Since Secunia doesn’t offer individual numbers for Mac OS X 10.5 and 10.4, I merged the XP and Vista vulnerabilities so that we can compare Vista + XP flaws to Mac OS X. In case you’re wondering how 19 plus 12 could equal 23, this is because there are many overlapping flaws that is shared between XP and Vista so those don’t get counted twice just as I don’t count something that affects Mac OS X 10.4 and 10.5 twice.
Windows XP, Vista, and Mac OS X vulnerability stats for 2007
XP Vista XP + Vista Mac OS X
Total extremely critical 3 1 4 0
Total highly critical 19 12 23 234
Total moderately critical 2 1 3 2
Total less critical 3 1 4 7
Total flaws 34 20 44 243
Average flaws per month 2.83 1.67 3.67 20.25
X Extremely critical
H Highly critical
M Moderately critical
L Less critical
So this shows that Apple had more than 5 times the number of flaws per month than Windows XP and Vista in 2007, and most of these flaws are serious. Clearly this goes against conventional wisdom because the numbers show just the opposite and it isn’t even close.
sin comentarios. Aunque karma cree que han aprovechado el arranque nefasto de Leopard y sus problemas con JAVA... veremos dentro de una temporada... pero VISTA se ve bien no ? makeros TOP +65 8-) :-P
