Ah, more news about the insecurity of Vista and something we are all pretty aware of… the skewing of figures by Microsoft.
Microsoft apparently still hasn’t learned that counting vulnerabilities doesn’t establish some kind of ‘security level’.
You can read the report here:
The Microsoft “researcher” claims that Windows Vista is exponentially less vulnerable than many Linux distributions and Mac OS X. It may be true that the default Vista installation has had fewer public vulnerability reports, and that Linux has had many more, but this is due to the nature of Open Source. Jeff does not include any “silently fixed” vulnerabilities that have been patched since Vista was released, and Microsoft has not disclosed such vulnerabilities publicly.
The methodology used was deeply flawed, as I briefly mentioned before: bugs in Firefox and other software like emacs count as flaws for Linux, whilst IE bugs get ignored for Vista.
The conclusions that are drawn are built on a lack of understanding by the Microsoft researcher. I highly encourage him to go back and take another look, and pare down the results to essential information that is absolutely critical to the conclusions, rather than just “Other OS’s have more bugs, see, look at my graphs”…
Good PR, but bad research? Seems par for the course.
And perhaps it could backfire PR-wise, as the clued-in people get pushed further away from Vista.
Source: Full Disclosure