I was nudged by some colleagues this week, telling me that some folks may only be reading my technet blog, but that I hadn’t been doing a great job of cross-posting some things.
Six months is a much more interesting time frame than the previous Windows Vista – 90 Day Vulnerability Report, and gives us the opportunity to see if the early trend indicators are holding up. Also, I thought it was worth going a little deeper in the analysis to look at the total fixed and unfixed vulns as I did last time, plus these additional views:
- Include a comparison view of Linux distribution workstation builds that exclude vulnerabilities non-default optional components as well as OpenOffice and other applications that do not have equivalents on Windows XP.
- Include a comparison view that excludes Low and Medium severities to just focus on High severity vulnerabilities fixed and unfixed in the first 6 months, and
- A comparison view that combines both of these
For the full details, or to print the report, you can download the report in pdf.
Interestingly, I got slashdotted (verb) twice for this report:
The latter “spin” by slashdot gave me a chuckle, given the practical details of the issues, but I’ve come to expect it.