CERT on Security of Platforms and Systems

Posts 862

Reply

Softwaremaker Posted: 01-04-2006 1:42 PM

rated by 0 users

The US Computer Emergency Readiness Team (CERT) has just published a year end summary of software vulnerabilities for the year 2005. According to the report:

"There were 5198 reported vulnerabilities: 812 Windows operating system vulnerabilities; 2328 Unix/Linux operating vulnerabilities; and 2058 Multiple operating system vulnerabilities."

*nix has almost 3 times the number of vulnerabilities than those on Windows! Says something about their security too.

However, it might be useful to note that most *nix vulnerabilities got patched sooner than most Windows ones.

The full report is available at: http://www.us-cert.gov/cas/bulletins/SB2005.html

~Softwaremaker (BLOG) M. Twain: "I didn't have time to write a short letter, so I wrote a long one instead"

Posts 154

Reply

feelite replied on 01-07-2006 3:08 PM

rated by 0 users

Softwaremaker wrote:

However, it might be useful to note that most *nix vulnerabilities got patched sooner than most Windows ones.

in addition to the fact that the numerical count is a non-sequitter, the WMF vulnearbility took 7 days to solve. everytime a report like this is published, a lot of people get really religious.

http://news.zdnet.co.uk/0,39020330,39245889,00.htm

http://feelite.com/blog

Posts 2,257

Reply

icelava replied on 02-02-2006 11:41 PM

rated by 0 users

Just how many people actually stop to consider the damage potential, severity of those flaws, ease of exploit, available workarounds, hardening possibilities, etc. Vulnerability count alone would be too superficial a view on the true security scene. But that is as deep as nearly everybody is ever willing to go before making some judgement.

The melody of logic will always play out the truth. ~ Narumi Ayumu, Spiral

CERT on Security of Platforms and Systems

rated by 0 users This post has 2 Replies | 2 Followers

rated by 0 users
This post has 2 Replies | 2 Followers