Microsoft claims that Vista has needed fewer security patches than any other recently released desktop OS

Vista 'more secure than OS X and Linux'

Microsoft report claims fewer patches and fewer flaws

Written by Tom Sanders in California

vnunet.com, 22 Jun 2007

Microsoft has boasted in a new study that Windows Vista has needed fewer security patches than any other recently released desktop operating system.

"Windows Vista has an improved security vulnerability profile over its predecessor and a significantly better profile to comparable modern competitive operating systems," stated Jeff Jones, director of the Trustworthy Computing initiative at Microsoft's Security Business Unit.

The Windows Vista 6-month Vulnerability Report (PDF) compared the number of flaws during the 90 days after the application's launch for Windows Vista, Windows XP, Red Hat Enterprise Linux 4 (RHEL4) Workstation, Ubuntu 6.06 LTS, SuSE Linux Enterprise Desktop 10 (SLED10) and Apple Mac OS X. (Also see table on page two)

Vista beat the other operating systems on nearly all fronts, according to the report, logging the fewest fixed vulnerabilities and the fewest repairs with a severity rating of 'high'.

Microsoft's operating system ranked second in the number of unpatched flaws after 90 days, trailing behind only Windows XP.

Apple's OS X ranked third behind the two Windows versions, followed by Ubuntu, SLED10 and RHEL4.

Comparing the number of patched and disclosed vulnerabilities is a controversial method of comparing the security between products. Different operating systems have different features, offering attackers diverse ways to hit the software.

Jones attempted to pre-empt criticism over features by including a tweaked version of the three Linux distributions in his test.

The adapted version had been stripped of bundled applications that are not found in Windows or OS X, such as the OpenOffice productivity suite, as well as graphics and developer tools.

The number of fixes also failed to consider the popularity with attackers and security researchers. Because Windows is the predominant operating system, users run a greater risk of getting hit.

But this has also caused the software to be closely scrutinised by Microsoft and independent security researchers as they attempt to protect their clients.