Windows Vista more secure after six months than XP

Some readers may have seen the report which was published by Jeff Jones three months after Vista was finally released in which he showed that the number and severity of flaws in Vista were far less of a risk than XP after an equivalent period.

He has now updated this report to show the vulnerabilities in Vista after 180 days. What is key is not only the distinctly fewer known vulnerabilities overall, but the number of disclosed holes that remain unpatched at the time of writing.

Note that the blog entry is only a summary and the only graph you get to see relates to high severity vulnerabilities. Also, it only looks at those which affect the core systems, not optional components. So, Vista looks like it is doing better than XP at this point with almost no unpatched holes, and many people will go away with that impression because visuals work well in getting messages into the brain.

The full 14 page report (pdf) is also available, in which the discussion is much more detailed (even patch by patch). It is here that it becomes clearer that while it is faring better than XP did, to me it is not doing so much better given how much hype there has been about trustworthy computing and Vista (and Longhorn / 2008) being secure by design, rewritten from the ground up to be more secure, yadayada more secure.

One Response to Windows Vista more secure after six months than XP

  1. graycat says:

    yadayada more secure ….. yadayada XP with addons ……yadayada more secure ….. yadayada pretty version of XP …… yadayada more secure …… yadayada roll out pain in the @rse …… yadayada more secure

    Sorry, there’s pretty much all I hear when M$ starts banging on about Vista. There’s much more to it but I’ve had to edit it out for pre-watershed viewing 🙂

    Interesting approach they’ve taken with the graphics. People always remember pretty pictures, so put the message you want to deliver in there and BANG that’s what people remember. well, most people of course 😉

%d bloggers like this: