Microsoft Better at Fixing Security Holes | SYS-CON BRASIL

The World’s Leading Information Source on Virtualization	Register \| Log in

.NET · AJAX · ECLIPSE · FLEX · OPEN WEB · iPHONE · JAVA · LINUX · OPEN SOURCE · ORACLE · PBDJ · SEARCH · SILVERLIGHT · SOA · VIDEO · VIRTUALIZATION · WEB 2.0 · WIRELESS · XML

Comments

Drool, Britannia? Is the UK Failing the Cloud?

By Roger Strukhoff

Richard Davies wrote: The UK has a good crop of technology pioneers in cloud computing - for example ElasticHosts, FlexiScale, Flexiant, OnApp - and also some strong government initiatives such as G-Cloud. We will have to see whether this kind of technical leadership converts into swift mass-market adoption or not.

Jan. 8, 2012 11:38 AM EST

read more & respond »

Cloud Computing
Conference & Expo
November 2-4, 2009 NYC
Register Today and SAVE !..

Did you read today's front page stories & breaking news?

SYS-CON.TV: SOA Power Panel Live From Times Square

SYS-CON.TV

SYS-CON.TV Webcasts

Jackbe: The Big A(architecture in AJAX)

Instantiations: Eclipse Rich Internet Platform with Taylor and Milinkovich

Yahoo!: Applying AJAX to Speed User's Journey

Enerjy Webcast: Java Code Quality Management

App Server Shoot-out: Microsoft, IBM, JBoss, Sun, BEA, and Oracle

Today's Top SOA Links

Linux Business News

Microsoft Better at Fixing Security Holes

Microsoft Better at Fixing Security Holes

By: Maureen O'Gara

Apr. 2, 2004 12:00 AM

Comparing all the Windows platforms that came out between June 1 of 2002 and May 31 of 2003 with all variants Red Hat, MandrakeSoft, Debian and SUSE, Forrester has concluded that Microsoft is better at patching vulnerabilities than the Linux folk.

Microsoft averaged 25 days "at risk"- in other words, the number of days between a vulnerability becoming public and the first patch - while Red Hat and Debian tied for second place at 57 days and Mandrake dragged in at 82 days.

Microsoft also did a better job than Linux in the thoroughness of patching vulnerabilities. Red Hat was good for 99.6% and Debian for 96.2%.

However, Microsoft had more serious flaws than Red Hat or Debian. Sixty-seven percent of Redmond vulnerabilities were rated high severity compared to 56% for Red Hat and 57% for Debian.

Of course, numbers don't tell the whole story. A lot depends on a customer's alacrity in applying patches and the ease of deploying them. Forrester's analysis of nine highest-profile Windows security incidents revealed that although Microsoft's patches predated the outbreaks by an average of 305 days, most firms had failed to apply the patches

Published Apr. 2, 2004— Reads 7,199 — Feedback 1
Copyright © 2004 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.

About Maureen O'Gara
Maureen O'Gara the most read technology reporter for the past 20 years, is the Cloud Computing and Virtualization News Desk editor of SYS-CON Media. She is the publisher of famous "Billygrams" and the editor-in-chief of "Client/Server News" for more than a decade. One of the most respected technology reporters in the business, Maureen can be reached by email at maureen(at)sys-con.com or paperboy(at)g2news.com, and by phone at 516 759-7025. Twitter: @MaureenOGara

Reader Feedback: Page 1 of 1

#1

David commented on 2 Apr 2004

It also depends on whether you rely on Red Hat or another distribution for your systems. For example, if you download and use OpenSSH directly, you can get patches quickly. It takes longer for that fix then to be put into the Red Hat system. So, it just goes to show you that when a corporation packages OSS, you get less than if you do OSS directly.

Your Feedback

Microsoft Better at Fixing Security Holes

David wrote: It also depends on whether you rely on Red Hat or another distribution for your systems. For example, if you download and use OpenSSH directly, you can get patches quickly. It takes longer for that fix then to be put into the Red Hat system. So, it just goes to show you that when a corporation packages OSS, you get less than if you do OSS directly.

read more & respond »

Subscribe to the World's Most Powerful Newsletters

Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!

Click to Add our RSS Feeds to the Service of Your Choice:

Google Reader or Homepage

Add to My Yahoo!

Subscribe with Bloglines

Subscribe in NewsGator Online

myFeedster

Add to My AOL

Subscribe in Rojo

Add 'Hugg' to Newsburst from CNET News.com

Kinja Digest

View Additional SYS-CON Feeds

Publish Your Article! Please send it to editorial(at)sys-con.com!
Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021

SYS-CON Featured Whitepapers

Most Read This Week

Cloud Expo New York Speaker Profile: Dave Asprey – Trend Micro

By Jeremy Geelan

Big Data in Telecom: The Need for Analytics

By Bob Hockman

Big Data Gold Mine in Cloud Governance and Automation

By Brian McCallion

Thoughts on Big Data and Data Virtualization

By Steven Yaskin

Cloud Expo New York Speaker Profile: Mårten Mickos – Eucalyptus Systems

By Jeremy Geelan

Cloud Expo New York Speaker Profile: Bernard Golden – HyperStratus

By Jeremy Geelan

Cross-Platform Mobile Website Development – a Tool Comparison

By Udayan Banerjee

Three Buzzwords That Every CIO Hears but One They Should Listen To

By Jeremy Hess

Write Once Run Anywhere or Cross Platform Mobile Development Tools

By Udayan Banerjee

Microsoft’s New Cloudware Could Cast a Shadow over VMware

By Maureen O'Gara

Cloud Expo New York: Cloud Architectures Require Scale-out Storage

By Liz McMillan

Is Your Integration Platform a Relic?

By Hollis Tibbetts

ADVERTISE | MAGAZINE SUBSCRIPTIONS | FREE BREAKING-NEWSLETTERS! | SYS-CON.TV | BLOG-N-PLAY! | WEBCAST | EDUCATION | RESEARCH

.NET Developer's Journal - .NETDJ   |   ColdFusion Developer's Journal - CFDJ   |   Eclipse Developer's Journal - EDJ   |   Enterprise Open Source Magazine - EOS
Open Web Developer's Journal - OPENWEB   |   iPhone Developer's Journal - iPHONE   |   Virtualization - Virtualization   |   Java Developer's Journal - JDJ   |   Linux.SYS-CON.com
PowerBuilder Developer's Journal - PBDJ   |   SEO / SEM Journal - SJ   |   SOAWorld Magazine - SOAWM   |   IT Solutions Guide - ITSG   |   Symbian Developer's Journal - SDJ
WebLogic Developer's Journal - WLDJ   |   WebSphere Journal - WJ   |   Wireless Business & Technology - WBT   |   XML-Journal - XMLJ   |   Internet Video - iTV
Flex Developer's Journal - Flex   |   AJAXWorld Magazine - AWM   |   Silverlight Developer's Journal - SLDJ   |   PHP.SYS-CON.com   |   Web 2.0 Journal - WEB2
Apache   |   CMS   |   CRM   |   HP   |   Oracle Journal   |   Perl   |   Python   |   Red Hat   |   Ruby on Rails   |   SAP   |   SaaS

SYS-CON MEDIA: ABOUT US | CONTACT US | COMPANY NEWS | CAREERS | SITE MAP

SYS-CON EVENTS: | AJAXWorld Conference & Expo | iPhone Developer Summit | OpenWeb Developer Summit | SOA World Conference & Expo | Virtualization Conference & Expo

INTERNATIONAL SITES: India | U.K. | Canada | Germany | France | Australia | Italy | Spain | Netherlands | Brazil | Belgium

Terms of Use & Our Privacy Statement

About Newsfeeds / Video Feeds

Copyright ©1994-2008 SYS-CON Publications, Inc. All Rights Reserved. All marks are trademarks of SYS-CON Media.

Reproduction in whole or in part in any form or medium without express written permission of SYS-CON Publications, Inc. is prohibited.

close this window