Linked by Thom Holwerda on Thu 10th Apr 2008 21:38 UTC, submitted by SReilly
"Symantec's comprehensive security report on the malware industry from July 1 to December 31, 2007, is now available in its 100+ page glory. Symantec broke down information on patch development time by operating system and by the type of vulnerability encountered. Surprisingly, Microsoft had the shortest time-to-patch over both halves of 2007. In the first part of the year, Microsoft released 38 patches (two of which involved third-party applications) with an average deployment time of 18 days. From July to December, Microsoft released 22 patches with an average patch time of six days. Red Hat came in second, at 32 days for the second half of the year and 36 days in the first half. That's quite a bit higher than Microsoft's average, but of the 227 vulnerabilities Red Hat patched in 2007, 226 of them involved third-party applications. Apple, Sun, and HP all lag well behind Microsoft and Red Hat, though the gap for each company differs significantly between the first and second halves of last year."
Thread beginning with comment 309103
To read all comments associated with this story, please click here.
To read all comments associated with this story, please click here.
RE: What they don't tell you
by StephenBeDoper on Fri 11th Apr 2008 17:54
in reply to "What they don't tell you"
Member since:2005-07-06
What they don't tell you is the severity of these security flaws;
A good point. But then...
This is the problem with fanboys and so-called security experts; they all have their sacred cows (good lord; Symantec couldn't possible slam Microsoft; after all, Microsoft suggests THEIR security products, and Symantec are reliant on Microsoft's products - they have a symbiotic relationship!)
What would explain this?
http://www.mcafee.com/us/local_content/misc/vista_position.pdf
(The top google result for "McAfee Slams Microsoft", BTW)
- and we have people here who suck down that kool aide without question.
Of course - but it's the content of the McAfee report that should be addressed, not the reputations of the report's author or subject. Otherwise, that's the very definition of ad hominem argument (except directed at an organization rather than a person).
RE[2]: What they don't tell you
by ormandj on Sat 12th Apr 2008 14:28
in reply to "RE: What they don't tell you"
Member since:2005-10-09
RE: What they don't tell you
by Nelson on Fri 11th Apr 2008 19:08
in reply to "What they don't tell you"
Member since:2005-11-29
Member since:
2005-07-06
What they don't tell you is the severity of these security flaws; there is a marked difference between a security flaw which is invoked by standing on ones head, hand the left arm out the window whilst singing the national anthem versus a security vulnerability exploitable by simply connecting to the internet.
This is the problem with fanboys and so-called security experts; they all have their sacred cows (good lord; Symantec couldn't possible slam Microsoft; after all, Microsoft suggests THEIR security products, and Symantec are reliant on Microsoft's products - they have a symbiotic relationship!) - and we have people here who suck down that kool aide without question.