SDA India is an online resource for Software, Development,IT, Architecture, Open Source, Mobile, Security, Databases, Delphi, C, OS, Asp, .Net, Php, Xml, Java
From the News Desk
Friday, 25. January 2008
Vista Encountered Less Security Flaws than XP, Says Microsoft
Microsoft is giving itself high marks in its first year Vista security report, at least when comparing the OS’s first year vulnerability and patch statistics to its Windows OS predecessor and other modern workstation operating systems, such as Red Hat, Ubuntu, and Apple’s Mac OS.
Microsoft employee Jeff Jones has published a Windows Vista one-year vulnerability report in his Security Blog that includes analysis of the company's newest operating system alongside Windows XP and several competitors.
During the Vista's first year of availability, 17 security bulletins, patching 36 vulnerabilities, were released for the OS on occasions, according to Jeff Jones, security strategy director in Microsoft's Trustworthy Computing Group. Jones also found that a change to the way Microsoft handles patching has resulted in less work for system administrators on Vista compared to Windows XP.
“Patch events [distributions of one or more bulletin] are an indirect measure of how the combination of product security quality and vendor update release policies and processes impact security administrators – specifically, how many days in the year did the administrators have to mobilize to deploy one or more security updates,” Jones said on his security blog. “My analysis found that administrators were required to mobilize much less often for Windows Vista than any other product examined.”
The report has been criticized for not taking into account factors like software quality, administrative controls, physical controls, or just how damaging each exploit can be.
Jones notes, however, that the report is not an attempt to prove which operating system is “more secure” than the others, but rather an analysis on how Microsoft’s improvements to the security update process and development process have reduced the impact of security updates to Windows administrators significantly compared to its predecessor, Windows XP.
Microsoft released Vista for enterprise clients, along with Office 2007, in November 2006. The home version was distributed two months later.
Microsoft employee Jeff Jones has published a Windows Vista one-year vulnerability report in his Security Blog that includes analysis of the company's newest operating system alongside Windows XP and several competitors.
During the Vista's first year of availability, 17 security bulletins, patching 36 vulnerabilities, were released for the OS on occasions, according to Jeff Jones, security strategy director in Microsoft's Trustworthy Computing Group. Jones also found that a change to the way Microsoft handles patching has resulted in less work for system administrators on Vista compared to Windows XP.
“Patch events [distributions of one or more bulletin] are an indirect measure of how the combination of product security quality and vendor update release policies and processes impact security administrators – specifically, how many days in the year did the administrators have to mobilize to deploy one or more security updates,” Jones said on his security blog. “My analysis found that administrators were required to mobilize much less often for Windows Vista than any other product examined.”
The report has been criticized for not taking into account factors like software quality, administrative controls, physical controls, or just how damaging each exploit can be.
Jones notes, however, that the report is not an attempt to prove which operating system is “more secure” than the others, but rather an analysis on how Microsoft’s improvements to the security update process and development process have reduced the impact of security updates to Windows administrators significantly compared to its predecessor, Windows XP.
Microsoft released Vista for enterprise clients, along with Office 2007, in November 2006. The home version was distributed two months later.
