Microsoft Security Strategy Director Jeff Jones has released a report card on Windows Vista security for the first 90 days since its release to businesses last November. Jones compares the vulnerabilities in Windows Vista to Windows XP, Mac OS X 10.4, Ubuntu Linux, Red Hat Enterprise Linux 4, and Novell SUSE 10 — and looks at the number of vulnerabilities reported and fixed for each OS.
As you would expect (since Microsoft is revealing this information), Vista faired extremely well. It had fewer reported vulnerabilities than any of the other operating systems, with only 5 security holes overall (4 unpatched). By comparison, Windows XP had 18 vulnerabilities (4 unpatched) and Mac OS X 10.4 had 37 vulnerabilities (17 unpatched). The Linux distros all had much higher numbers of discovered vulnerabilities, but that’s not really a fair comparison because they include software flaws for individual programs in addition to the operating system vulnerabilities, plus open source users find and report little bugs all the time.
For a further evaluation of the numbers, check out Ryan Naraine’s report over on ZDNet.