July 2007 - Operating System Vulnerability Scorecard
Posted by: Philipp Esselbach on: 08/17/2007 11:01 AM [ Print | 0 comment(s) ] · 2476 views
Microsoft's Jeff Jones published an Operating System vulnerability report for July 2007
>> July 2007 - Operating System Vulnerability Scorecard
| When I started doing these scorecards, I did two variations - year-to-date and last-3-months - thinking that the latter would reflect short-term bursts of issues and that the former would give an overall view for the year that would incorporate the ups and downs.
Instead, the two versions of the charts seem to look very similar except for the numbers and scale. This kind of hints that whatever vulnerability disclosure and fix rate a product has, it is staying pretty consistent over time, at least in 2007. The other thing I find a bit interesting is the Server charts that incorporate the reduced set of Linux packages. For those Linux server builds, I eliminated everything GUI, X11, Gnome, KDE-related, firefox and all optional client-type application components and just kept a minimalist server with the ability to server web pages or act in a few other common server roles. In contrast, the Windows Server build includes every shipping component including Internet Explorer, Media Player and similar stuff. I imagine that a lot of people would have expected a stripped-down Linux server to have, if not fewer total vulnerabilities, then fewer High severity vulnerabilities. Finally, if I had one surprise in the charts, it was that I expected RHEL5 to be further distinguished from (ie, much lower than) RHEL4 in the YTD charts, given that it did not ship until March. |
>> July 2007 - Operating System Vulnerability Scorecard
Related Stories
07/12/2006 02:57 AM: July 2006 Security and Critical Releases Bulk Update by Newsfactory
This ISO-9660 CD image file contains the security updates for Windows released on Windows Update on July 11th, 2006. ...
07/12/2006 02:47 AM: Microsoft Security Bulletin Summary for July 2006 by Newsfactory
Download the July security updates for Microsoft Windows and Microsoft Office....
07/15/2005 05:07 PM: AutoPatcher XP July 2005 by Newsfactory
AutoPatcher XP June 2005 has been released! AutoPatcher XP is an installation package designed to get your Windows system up to date quick and easily for Windows XP, Windows 2000, and Windows 2003. ...
07/12/2005 10:52 PM: Microsoft Security Bulletins for July 2005 by Newsfactory
This month's security updates affect Microsoft Windows and Microsoft Office. ...
This ISO-9660 CD image file contains the security updates for Windows released on Windows Update on July 11th, 2006. ...
07/12/2006 02:47 AM: Microsoft Security Bulletin Summary for July 2006 by Newsfactory
Download the July security updates for Microsoft Windows and Microsoft Office....
07/15/2005 05:07 PM: AutoPatcher XP July 2005 by Newsfactory
AutoPatcher XP June 2005 has been released! AutoPatcher XP is an installation package designed to get your Windows system up to date quick and easily for Windows XP, Windows 2000, and Windows 2003. ...
07/12/2005 10:52 PM: Microsoft Security Bulletins for July 2005 by Newsfactory
This month's security updates affect Microsoft Windows and Microsoft Office. ...
« ASRock ConRoe 1333-DVI/H and Intel E2140 Budget System Review · July 2007 - Operating System Vulnerability Scorecard
· XFX 8800 Ultra Video Card Review »
