Fewer flaws FUD wars as Microsoft paints misleading picture of Linux security

Posted by markdoughty on Aug 21, 2007 1:00 PM EDT
DaniWeb; By Davey Winder

Microsoft resort to more FUD in order to discredit Linux distro security, while claiming its own OS products are the most secure of all. Dig a little deeper and the argument is not just flaky but falls to pieces...

I quote: “The vulnerabilities included in the analysis only include those vulnerabilities for which the vendor has confirmed applicability, typically via a security advisory or patch notice. The analysis here does not include publicly disclosed vulnerabilities during the period that have not yet been fixed by the vendor.” So, let’s get this straight: that means only vulnerabilities that have been patched by the vendor. Not zero-day flaws, and not vulnerabilities that are known about but not officially confirmed via advisory, no matter how long in the tooth; just the ones that the vendor has fixed.

Secunia publishes independent reports of vulnerabilities, listed by both vendor and product, and keeps historical archives of the same. That makes for very interesting reading, and brings a slightly different perspective to the security picture being painted.

Take XP Pro, for example, which Secunia shows has 29 advisories yet to be patched; that’s 15% of the total. Or how about Windows Server 2003 Standard Edition, with an 8% unpatched rating, equating to 11 of 135 advisories? Compare this to the product flagged as most insecure by the Microsoft OS Vulnerability Scorecard report, Red Hat Enterprise Linux 4 Workstation. Secunia shows 311 advisories raised since 2005, but none of them remain unpatched.
