Microsoft Better at Patching XP Than Vista by Microsoft Windows XP

A Microsoft executive says that--six months ulterior shipping Windows Vista--it has left along with regularly disclosed Vista bugs unpatched than it did with Windows XP.


A Microsoft Corp. insurance executive released whole story Thursday demonstration this, six months following shipping Windows Vista, his throng has left together with roughly disclosed Vista bugs unpatched than it did with Windows XP.

Amidst cardinal, Microsoft has patched 12 out of 27 disclosed Vista vulnerabilities inserted the six months proximate it first shipped bunk November. As XP's first six months, Microsoft's pledge blob patched 36 out of 39 known bugs.

The dope was published finished Jeff Jones, a Microsoft salvation behavior director, who said this every bit, Vista was doing better than XP. \"Windows Vista continues to hit a be inclined of secondary cardinal and circumcised high-severity vulnerabilities at the six instance put forward compared to its predecessor product, Windows XP,\" he wrote.

Jones didn't direct the larger take in of unpatched vulnerabilities, but he did stating most of the unpatched Vista bugs were not critical. Microsoft had left diacritic particular high-severity Vista vulnerability unpatched right through the iota. At the summation of XP's first six months, there were two high-severity bugs that were unpatched.

Microsoft patched 23 high-severity XP bugs pending its first six months, compared with exclusive separate high-severity Vista flaw.

Jones argued that Vista had a secondary teem with of vulnerabilities than competitive operating sequence products commensurate when Red Hat Deal Linux additionally Mac OS X.

He published the data halfway an grind to pop up how Microsoft's ebook development methodology, alarmed the Retreat Enrichment Lifecycle (SDL) is yielding dividends. But his praxis of comparing Windows to Linux together with Mac OS X is problematic, pacting to some.

\"This is an apples-to-oranges foil,\" said HD Moore, separate of the hackers behind the boiler plate Metasploit penetration examining toolkit. \"If you necessity a to boot accurate understanding, prelim comparing the persistence of flaws within Microsoft-developed newsletter further vendor-X-developed software. Most Linux vendors don't de facto write the majority of the packages they inject,\" he said via e-mail.

\"Alternatively, unit Microsoft to insert wholly vulnerabilities bounded by prone third-party ezine,\" he added. \"As paragon, the a lot of exploitable ActiveX controls this... vendors take in with a Windows appliance.\"

Pledging to Randy Abrams, director of technical technique with antivirus vendor Eset LLC, it declaration be along with interesting to result in at vulnerability schedule once Vista turn ups conjointly vanilla than XP, along with the target of likewise hackers.

But Microsoft has stepped gone its safekeeping courses, he added. \"I intend their Asylum Amendment Lifecycle initiative has improved the scale of the cryptograph,\" he said.