The First 90 Days of an Operating System
People who know me know that I often complain about Microsoft systems because of the constant vulnerabilities they seem to have. "patch Tuesday" is always an interesting time for me, as it typically provides a lot of work. But I read a recent article that outlined the vulnerabilities that occurred within the first 90 days of the life of various operating systems. It was funny to see that of all the operating systems discussed in the article that Red Hat Enterprise Linux 4 Workstation Reduced actually led the way with the most vulnerabilities in the first 90 days. Also mentioned were Ubuntu Linux, Novell SLED 10, and MAC OSX 10.4, all of which had more vulnerabilities than both Windows XP and Windows Vista combined.
It appears that 1) Windows Vista has made great strides in plugging security weaknesses, and that 2) The Linux folks need to reassess their stance on just how much more secure Linux is than Windows. A thought from someone who tests and deploys patches on Windows systems from month to month: I still see a lot of work to be done, but this article really makes us security professionals step back and realize that security vigilance is important, no matter what OS you are working with.
It appears that 1) Windows Vista has made great strides in plugging security weaknesses, and that 2) The Linux folks need to reassess their stance on just how much more secure Linux is than Windows. A thought from someone who tests and deploys patches on Windows systems from month to month: I still see a lot of work to be done, but this article really makes us security professionals step back and realize that security vigilance is important, no matter what OS you are working with.
I guess what I am trying to say here is that there is a lot of stereotypical information about where the problems are. As I mentioned in a previous article: Microsoft is really not the problem. The problem is in that people get so wrapped around the axle on making assumptions about that which they are familiar with. For example, the Linux people will swear that Linux is flawless, and the Novell people will feel likewise. Much vigilance gets lost regarding educating users, and just keeping up on the day to day maintenance of the systems you do have. Educate your users, keep your systems patched, and at the end of the day, you Windows users will have an environment that is every bit as safe as that which the Linux folks claim to enjoy.
Article Link: http://www.csoonline.com/pdf/Vista_Vuln_Report.pdf
No comments:
Post a Comment