OSNews

"He also told reporters that windows patches faster than linux. Linux usally has patches in hours"

With no regression or integration testing, and often being updated several times within the time of the initial update.

Yes! Finally someone else with a decent understanding of software development willing to stand up to the open source fanaticism that permeates these comments.

The best, most recent and pertinent example of this is the most recent vulnerabilities in OpenSSH. The initial release of OpenSSH 3.7 did not fully address the security vulnerabilities that had been discovered, and consequently OpenSSH 3.7.1 was released. OpenSSH 3.7.1p1 was released using a largely untested reimplementation of the PAM code, as they patched the portable development branch with the security updates rather than the stable branch. Consequently a number of vulnerabilities were found in the new PAM implementation, and OpenSSH 3.7.1p2 was released to address those. So, an administrator attempting to protect his systems from one newly discovered security vulnerability could have ended up having to reinstall OpenSSH three times.

That isn't to say that Microsoft hasn't released patches that don't fully address an issue, or introduce new vulnerabilities, it's simply to say that the same problems occur in both open source and commercial software, and that applying a patch that addresses a security vulnerability immediately after it is discovered is probably not a good idea, as that patch most likely hasn't been tested and may break something else or introduce new vulnerabilities.