Feeds

Windows beats Linux - Unix on vulnerabilities - CERT

Good news and bad news

Top 5 reasons to deploy VMware with Tegile

It might not feel like it, but Windows suffered fewer security vulnerabilities than Linux and Unix during 2005.

Linux and Unix experienced more than three times as many reported security vulnerabilities than Windows, according to the mighty US Computer Emergency Readiness Team (CERT) annual year-end security index.

Windows experienced 812 reported operating system vulnerabilities for the period between January and December 2005, compared to 2,328 for Linux and Unix.

CERT found more than 500 multiple vendor vulnerabilities in Linux and Unix spanning old favorites such as denial of service and buffer overflows, while CERT recorded 88 Windows-specific holes and 44 in Internet Explorer (IE). For a complete list of vulnerabilities, you can visit the CERT site here.

The annual poll does not include the Windows MetaFile (WMF) vulnerability, which has become the most widely reported attack on Windows according to security and antivirus specialist McAfee since being reported on December 28.

News of Windows' relative security will prove little comfort to millions of computer users now bracing for the latest attack of the Sober worm variant due this week.

CERT's data underlines the scale of the challenge faced by Microsoft on security, four years into the company's highly publicized Trusted Computing initiative.

Despite posting fewer vulnerabilities than its Unix and Linux challengers and Microsoft going out its way to talk up its "progress" in security in 2005, it is attacks on Windows that still cause more concern and generate most headlines.

The reason is that, unlike Linux, Windows has greater potential to cause harm because of its presence on desktops in the hands of users who receive self-propagating worms, click on email attachments and download malicious code. And while it seems just as each hole is fixed, a new vulnerability is unlocked elsewhere in the vast Windows code base.®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Microsoft to bake Skype into IE, without plugins
Redmond thinks the Object Real-Time Communications API for WebRTC is ready to roll
Microsoft promises Windows 10 will mean two-factor auth for all
Sneak peek at security features Redmond's baking into new OS
Mozilla: Spidermonkey ATE Apple's JavaScriptCore, THRASHED Google V8
Moz man claims the win on rivals' own benchmarks
FTDI yanks chip-bricking driver from Windows Update, vows to fight on
Next driver to battle fake chips with 'non-invasive' methods
PEAK APPLE: iOS 8 is least popular Cupertino mobile OS in all of HUMAN HISTORY
'Nerd release' finally staggers past 50 per cent adoption
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
Ubuntu 14.10 tries pulling a Steve Ballmer on cloudy offerings
Oi, Windows, centOS and openSUSE – behave, we're all friends here
Was ist das? Eine neue Suse Linux Enterprise? Ausgezeichnet!
Version 12 first major-number Suse release since 2009
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Mitigating web security risk with SSL certificates
Web-based systems are essential tools for running business processes and delivering services to customers.