updated 02:05 pm EDT, Thu June 21, 2007
MS: We patch faster
In a posting to his blog, Microsoft executive Jeff Jones is claiming that in 2006, Microsoft was faster at patching security flaws in Windows that Apple for Mac OS X, and other manufacturers for various Linux flavors. According to his calculation (based on the vendor's own security advisories) the average risk period for Windows was 29 days while the average risk period for Mac OS X was 46 days. SuSE Linux Enterprise stood at 74 days with Red Hat Enterprise Linux's at 107 days and Sun Solaris at 168 days. Of interesting note, however, is that (according to Jones) Windows XP SP2 required more high severity fixes than Mac OS X: 44 compared to 35. Jones based the "days of risk" data. When all threats were considered, the risk-day level was virtually equal for Mac OS X and Windows XP.