Microsoft: Vista has fewer first-year vulnerabilities than any modern OS
Here we go again. Like an evil pope preparing to recapture the Holy Land, Jeff Jones, Microsoft's self-proclaimed "Security Guy" (and Microsoft Director) just published the Vista One Year Vulnerability Report. As you can see from the graph above, JJ's methodology concludes that Microsoft's Vista easily bests the first-year vulnerabilities found in XP, Red Hat Enterprise Linux, Ubuntu, and Apple's own OS X. As contentious as the report is, is anyone else reflecting on the fact that Vista is more than a year old for businesses (almost exactly one for consumers) yet XP continues to ship standard on many PCs?
[Via Slashdot]
If you ask me the vulnerabilities are points of entry for a hacker to wreak havoc. And then in which once invaded by hackers the OS makers need a patch. The numbers above represent a small number of hack attempts so the number of hackers is astronomical. Just what do the hackers get out of their mischievous deeds?
People who were screaming for a more secure Windows XP and don't like Vista just have to sit down and decisively figure out what they want.
To each his own. OS arguments are pretty silly and one sided. The issue at hand was Vista's security, kudos to Microsoft. And thanks for giving us the option to turn UAC off.
What a ridiculously enlightened post.
In fact, I am going to go so far as say thanks pathogen for not being an opinionated tard!
WTF are you talking about! I am not talking about home user posers like yourself I am speaking about the corporate world. I am a software engineer and from a corporate standpoint there was way more adoption of Windows XP early on than there is of Vista. Vista is a bloated hunk of junk that most of the good features were removed from before it was released and my company does not plan on upgrading until MS completely drops support of XP. When XP came out we upgraded as soon as we felt it was stable.
stop reporting on these 'reviews' and nutjars will stop excreting them
I've used Vista since January of 2007. Yes, when it first came out it was tough to use. The lack of drivers and support was hair pulling... however, I remember the same exact thing happening when XP was released and people wanting to still use Windows 98. Vista still does not have its first SP out now, but most of the hotfixes can be found on the Microsoft site now. As of today, for the most part, Vista is more stable than XP was when XP came out. Vista will be bogged down until more manf. release drivers for it. If you don't like UAC.... TURN IT OFF. Not that big of a deal people. If you still don't like Vista then do a dual boot... but don't not use Vista cause sadly... there will be time when XP will not be supported.
Well, only thing I can say is: I've been installing Vista since it came out, never had problems... People are usually excited about Vista and its looks where I work. If you use exotic software, don't go blame Vista if it's not working (we still roll out XPs for some special purpose-users). Vista has been available for developers for so long now... If your precious software isn't updated yet, it's the manufacturer's fault, not Microsoft's. I hate to see the same old MS-bashing from the same old Linux/Apple fanboys. I could write a book about the problems I had with both Redhat and Ubuntu, but still it's all right for people to use it if they prefer so. Why would I mind about what other people use on their computers. Put it this way... If your neighbour was driving a red Fiat, would you go berserk on him for not driving the same blue Vauxhall like you or keep pointing the problems with his Fiat, whilst ignoring your Vauxhall's? Guess not...
I find it amusing that this graph is organized by what operating systems Microsoft likes.
Those guys really hate RedHat :P
Really, who DOESN'T hate Red Hat at least a little?
So should I buy a new laptop with Vista on it or just wait a couple of years for the NEXT Windows OS to come out?
I'm so confused and I'm not ashamed to admit it. When it comes to computers and stuff like that I can only understand so much. Most of this driver stuff is just way too complex to me. And I really don't trust sales people (especially the ones at Best Buy).
Anyways any info or comments would be appreciated. Email me at KushielsScion007@gmail.com if you have an opinion about Vista and whether to dive in or not.
Honestly if you are a normal computer user, who wants a PC over a Mac (I won't even get into that argument), there is no reason to buy a new computer with XP over Vista.
Vista is more than stable enough, and once again as a normal user you really won't ever have to worry too much about drivers (besides the fact that even if you did Vista drivers are easily found nowadays).
So the question is, do you want to buy a new PC?
Answer: Yes - Get Vista
Answer: No - Wait
:P
There are probably less vulnerabilities b/c the vast majority of people never used it. And the few who have, are switching back to XP. It's easy to say it has the fewest ANYTHING when it has the fewest users.
That's a stupid argument, and one that has been repeated many times already. If it were true, absolutely no one would care to try and find holes in MacOS or in Ubuntu, right? Yet, as you can infer from the graphic, that is not the case. So think a little tiny bit before you post something. Anyway, the type of guy who finds security holes isn't your average Joe; it's usually a researcher with a decent amount of knowledge actively looking for them. There is no necessary correlation between user base and researchers' interest.
Secondly, Vista does have many security enhancements - such as ASLR or UAC, and, what's most important in avoiding vulnerabilities, the whole code was written according to the strict SDL guidelines. That, combined with the thrill of finding holes in the newest generation of the world's most used OS, has caused security researchers to scrutinize Vista like, perhaps, no other OS before it. And nevertheless it withstood such hard, detailed analysis very well... There's no running from it: Vista is by far the most secure version of Windows, and, in my opinion, the most secure OS out there.
A little bit of googling will show that Vista does not have the fewest users, in fact I think it goes more along the lines of XP 73%, Vista 10%, OS X 7% ......
...fewer sales, fewer use, fewer chances to be attacked.
...a year old and they are already filling our heads with the next OS?
I call shenanigans.
Vista has fewer vulnerabilities *that have been patched* this is a pretty silly little measure of nothing, as it doesn't take into account how LONG the vulnerabilities were known before the patch was issued, or if any actual exploits were in the wild, etc.
"In the Vista report, Microsoft notes that there were more vulnerabilities fixed in other OSes in their first years than in Vista: [...] 116 in Mac OS X 10.4's first year."
But if you chose to look at vulnerabilities that had exploits in the wild, as opposed to just which ones had (eventually) been patched, this graph would probably look pretty different. (read: 10.4 = 0)
My point being that this is just another silly marketing ploy with a VERY selective methodology.
(who wants to bet that they had to try dozens of different "methods" before finding one that would let them come out on top?)
you'd think after several of these types of articles, mac users would stop saying dumb things like
"LOLZ 70000 VIRUSES ON PC! MAC IS BETTER, YOU'RE JUST JEALOUS!!!!!!!!!"
Just proof that a platform acting as a status symbol is evil.
Go Free or go home, BSD/Mach users. That chart clearly indicates that Ubuntu is, in fact, the best. A sad thing, coming from Microsoft. I mean, am I missing something here, 'cause I'm looking at the smallest number of unfixed vulnerabilities... and I'm thinking that's what I care about...
I'll post here what I posted on Digg:
All I see is that MS only fixes half of the security issues the first year.
Absolutely.
See that OS with the smallest number of unfixed bugs?
..I'm a satisfied user.
ethana2@gmail.com
LOL Yea, you would think with how "few" fixes they had to do, they could get them all done!
So, this whole "Vista is stupid" thing got old a long time ago. Everyone's downgrading to XP? I seem to recall everyone doing the same thing when SP2 came out. Or when XP came out. Honestly, I don't know the Mac front (so don't expect some "by the way, I'm not an Apple fanboy OR a Microsoft fanboy, I just tell it like it is" comment) all that well, but I'd guess that's a pretty common reaction -- for techies, that is. Normal people just don't bother with the new stuff for a while (think Blu-ray).
That said, do you honestly think it's part of Microsoft's business model to ignore security issues and bugs? Sorry, but I don't buy that. They may be slow at it, but that's corporate bloat, not evil development. Maybe you haven't noticed, but there's a pretty dedicated fan base for Microsoft products, and some of them are even technically savvy. Perhaps savvy enough to even help find bugs in the OS.
P.S. UAC is not the most annoying thing in the world. I had a very similar experience when I first installed my firewall software, having to initially give things permission to do what they do. But anybody who says it pops up with getamac's "Cancel or Allow" frequency isn't using it.
that damned thing (UAC) popped up on EVERYTHING when i first installed vista. i disabled it as soon as i figured out how to. ever since then, vista really hasnt bothered me at all.
Personally, I'm more bugged by the fifteen minutes it takes to come out of Hibernate than I am about UAC.
The funny thing is that if I only had that chart, I'd say UbuntuLTS looks like the best deal.
It's unfixed bugs that matter to me, and it has the least.
...But I use it in part because GNOME _kicks_ explorer's butt... and because I don't like fiddling with drivers. You heard me. Drivers.
the lowest number of bugs...
...but also the lowest proportion of fixes...
hmm.
How does linux have vulnerabilities?
Also I apologize for the tone of my previous posts. Shit happens when I comment on Engadget before coffee.
Well, if the user has to work just to get online, I can't see how they would be vulnerable @_@
wouldn't more vulnerabilities being detected in Linux rather than Windows have something to do with the facts that 1) Linux is open-source, so vulnerabilities are more than likely to be found due to the ability of everyone to look at the source code and find such vulnerabilities 2) the people who use linux are power users and use it for a far more variety of tasks, therefore making it more likely to find vulnerabilities?
Typical. Even hackers don't give a sh** about Vista ;)
compiz fusion pwns win+tab
what concerns me about that graph is the percentage, and number, of unfixed issues. all the non-MS os's may have had more reports, but there are fewer OUTSTANDING issues, which means they are doing a better job of fixing the issues. Software will always have issues, it's how efficiently they are fixed that defines the vendor's security responsibility.
They forgot that vista only works properly a small percentage of the time, like 40%, so the vulnerabilities only present themselves when the computer isn't crashing, also the actual # of vulnerabilities doesn't matter, however the magnitude of the vulnerability does, but hey who doesn't like paying for the 2nd year beta version of vista at 349 a pop
I'm not going to get into the debate, just offer some more empirical evidence to the pile for those that might use it:
My primary machine is a Dell XPS410 with Vista Premium. I use an eVGA Nvidia 8800 GTS 640 MB graphics card. I play high end DX10 games like Crysis, and also older games like Half-Life. I also frequently multitask across multiple monitors running the MS Office suite, Adobe Photoshop, and a whole host of other programs.
With the exception of Crysis, I used all of these programs on XP as well.
It's safe to say that I love this OS, find it far superior to XP, and have had no problems with it having used it for nearly a year now. I'm always surprised to see how many people have had problems (read: more problems) in Vista than were had with XP in its lifespan to date.
To be sure, time will tell, but for my money it's Vista on my hard drive.
I'll agree with this...why??? because not enough people have Vista for hackers to really spend the time and resource on trying to break it down. If Vista didn't suck so much, more people would have it, and more hackers would try to exploit it.
*Fewer DISCOVERED vulnerabilities
No one looks for vulnerabilities in an OS that doesn't have market share.
Just wait till later this year when Vista grabs majority market share.
for the love of God and good English, the word is THOUGHT. Not through. Two very different words. If in doubt, LOOK THEM UP.
I've used Vista 64-bit since I bought the last iMac and I've had no problems with it. I have an iMac running 4 gig ram and I'm pleased with the performance. I run large queries everyday and this thing hums. The only problem I've had was with iTunes and it not running well on 64, but that was solved last week.
That is true, Vista is way more secure than any other OS. First of all, most of virus time out before they can be executed. Second of all it takes so long to open a socket on Vista that most hackers switch to another computer to hack.
Philip !
It is a shame that I bought a USB 2.0 HP All-In-One Printer/scanner/copier 3 months ago only to find it did not work with Vista, even though there were driver updates available from HP. When downloaded they just would not take, they & Vista kept throwing up conflict issues. Next I tried to load my Sony Net MD drivers that work under XP, but not only do not work under Vista, Sony has decided to "SUSPEND SUPPORT" for the Net MD Product line (no doubt 'cause they found it too hard to make a workable code or there was no money in it, because we already sold the product > so support just cost us[Sony]).
It is this "PLANNED OBSOLESCENCE" that will lose market share, customers and thus revenues for many companies that seem to think the buying public is just a mindless bunch of moneybags to be milked, with no loyalty returned. However, in my case, THEY ARE WRONG, and my next purchases will reflect that fact. The fact that my Vista PC has not crashed yet is offset by the fact that none of my VERY EXPENSIVE audio, video or mixing programs or hardware, that my business depends on will not work.
If it doesn't work, how can it crash?
For writers sprinkled throughout this forum: This is a public forum about products available on the open market. This is not a bathroom to be used for foul words or other such innuendos. If you are not old enough to understand this, go ask your mother.
Vista downgrade for Acer customers? I heard that Acer would be offering to downgrade to XP for free. Anybody know anything about the details?