Digital Edition

SYS-CON.TV
Microsoft Better at Fixing Security Holes
Microsoft Better at Fixing Security Holes

Comparing all the Windows platforms that came out between June 1 of 2002 and May 31 of 2003 with all variants Red Hat, MandrakeSoft, Debian and SUSE, Forrester has concluded that Microsoft is better at patching vulnerabilities than the Linux folk.

Microsoft averaged 25 days "at risk"- in other words, the number of days between a vulnerability becoming public and the first patch - while Red Hat and Debian tied for second place at 57 days and Mandrake dragged in at 82 days.

Microsoft also did a better job than Linux in the thoroughness of patching vulnerabilities. Red Hat was good for 99.6% and Debian for 96.2%.

However, Microsoft had more serious flaws than Red Hat or Debian. Sixty-seven percent of Redmond vulnerabilities were rated high severity compared to 56% for Red Hat and 57% for Debian.

Of course, numbers don't tell the whole story. A lot depends on a customer's alacrity in applying patches and the ease of deploying them. Forrester's analysis of nine highest-profile Windows security incidents revealed that although Microsoft's patches predated the outbreaks by an average of 305 days, most firms had failed to apply the patches

About Maureen O'Gara
Maureen O'Gara the most read technology reporter for the past 20 years, is the Cloud Computing and Virtualization News Desk editor of SYS-CON Media. She is the publisher of famous "Billygrams" and the editor-in-chief of "Client/Server News" for more than a decade. One of the most respected technology reporters in the business, Maureen can be reached by email at maureen(at)sys-con.com or paperboy(at)g2news.com, and by phone at 516 759-7025. Twitter: @MaureenOGara

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

It also depends on whether you rely on Red Hat or another distribution for your systems. For example, if you download and use OpenSSH directly, you can get patches quickly. It takes longer for that fix then to be put into the Red Hat system. So, it just goes to show you that when a corporation packages OSS, you get less than if you do OSS directly.




ADS BY GOOGLE
Subscribe to the World's Most Powerful Newsletters

ADS BY GOOGLE

@DevOpsSummit at Cloud Expo, taking place November 12-13 in New York City, NY, is co-located with 22...
SYS-CON Events announced today that IoT Global Network has been named “Media Sponsor” of SYS-CON's @...
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitori...
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news an...
CloudEXPO New York 2018, colocated with DXWorldEXPO New York 2018 will be held November 11-13, 2018,...
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing w...
Disruption, Innovation, Artificial Intelligence and Machine Learning, Leadership and Management hear...
"We host and fully manage cloud data services, whether we store, the data, move the data, or run ana...
Enterprises are striving to become digital businesses for differentiated innovation and customer-cen...
DXWorldEXPO LLC announced today that Telecom Reseller has been named "Media Sponsor" of CloudEXPO | ...
Enterprise architects are increasingly adopting multi-cloud strategies as they seek to utilize exist...
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As au...
"Calligo is a cloud service provider with data privacy at the heart of what we do. We are a typical ...
We are seeing a major migration of enterprises applications to the cloud. As cloud and business use ...
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud,...
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple ...
DXWorldEXPO LLC announced today that "IoT Now" was named media sponsor of CloudEXPO | DXWorldEXPO 20...
Modern software design has fundamentally changed how we manage applications, causing many to turn to...
In this presentation, you will learn first hand what works and what doesn't while architecting and d...
In an era of historic innovation fueled by unprecedented access to data and technology, the low cost...