New Symantec study: Is Windows the securest OS?

Michael PietroforteMVP By Michael Pietroforte - Thu, March 22, 2007 - 4 comments google+ icon

Michael Pietroforte is the founder and editor of 4sysops. He is a Microsoft Most Valuable Professional (MVP) with more than 30 years of experience in system administration.

Symantec has just published their new Internet Security Threat Report. They compared Microsoft, Red Hat, Apple, HP and Sun. And guess what? Microsoft got the best grades! You know, there are many comparable studies and they all find different things depending on who financed them. But this one is interesting.

For one, Symantec is one of Microsoft’s competitors, so you wouldn’t expect them to court the Redmond guys. Secondly, Symantec is a company selling mostly security-related products for Windows. It is simply not in their interest to proclaim that Windows is a secure operating system. Why do you think are they so nervous about Vista?

This study, however, is not about Vista since it used data from the second half of 2006. Symantec’s researchers found that Windows had less vulnerabilities and was patched the fastest among the competing operating systems. The average patch development time of the 39 Windows vulnerabilities was 21 days. Second was Red Hat Linux with an average of 58 days for a sample set of 208 vulnerabilities. The third place goes to Apple with 66 days for a sample set of 43 vulnerabilities. It is interesting to note that the average patch development time was increased for all software vendors. Please, check page 40 in this PDF for further information.

Of course, you’ll find lots of refutations in the coming weeks about this study. (internetnews.com has already some of them.) One weak point certainly is that the Windows vulnerabilities were often more severe. The other question is can such data be used at all to decide which operating is more secure? It is a matter of fact that there is much more malware for Windows than for any other OS, for example. When it comes to security, the only interesting figure is, how often organization registered security breaks for the different operating systems.

Nevertheless, the Symantec data is interesting since it is another proof that Microsoft is making progress with respect to security. I’m already curious about the next study that will include Vista. Do you remember the times before Windows NT? All IT professionals made jokes about the stability of Microsoft’s operating systems. These critics are either quite now or started to bash MS because of security. What’s next? Microsoft’s Internet execution sucks?

-1+1 - Rate this post
Loading ... Loading ...
Disclaimer
Your question wasn't answered? Please ask in the new 4sysops forum!

4 Comments- Leave a Reply

  1. Luke says:

    Symantec sells most of their products to Windows users. They have a vested interest in portraying Windows as the most secure platform.

    The thing about statistics is that two different people can take the same numbers and use them “support” two contradicting theories.

  2. Michael Pietroforte Michael says:

    Luke, I doubt that Symantec wants to promote Windows. They want to sell their own products. And who buys security software if the OS is secure anyway? I fully agree with your second point, though.

  3. Jim Lee says:

    Umm, gotta agree with Luke here. Sure, Symantec may be a Windows competitor, but the point is that their products_only_work_on_Windows_platforms. When Windows loses customers, so does Symantec. And McAfee. And NOD32. And Kapersky.

    Every Linux/OS X/*BSD user is a user not running one of these products.

  4. Michael Pietroforte Michael says:

    Jim, I doubt that Symantec is afraid that Windows loses customers because it is insecure. Windows always had security problems, but people buy it anyway. And Symantec made a lot of money with improving Windows security. The only thing, Symantec is afraid of, is that Microsoft’s own security software would make their tools useless. Many other third party software vendors run into problems after Microsoft decided to enter their market. Symantec is quite aware of that.

Please share your thoughts in a comment!

Login

Lost your password?