Symantecis report looked at the number of operating system patches, and the shortest average time for patch development for Microsoft Windows, Mac OS X, Red Hat Linux, HP-UX, and Sun Solaris over the past six months. The conclusion was that Windows had 39 vulnerabilities, 12 considered high priority or severe, with an average fix time of 21 days, making it the most secure OS.
Red Hat Linux came in second place with 208 vulnerabilities and a 58 day average patch time. Only two vulnerabilities were considered high priority.
Mac OS X took third place with 43 vulnerabilities and a 66 day average for the related patches. Of those 43, only one was considered high priority. Mac OS X manager, Anuj Nayar, responded “Apple takes security very seriously and has a great track record of addressing vulnerabilities before they affect you.”
Sun, which came in last, was more critical of the Symantec report. “Symantecis data on security vulnerabilities simply does not match Sunis. We canit verify Symantecis sources and consider their report on Sun inaccurate.”
What we donit see in these figures, however, are the number of actual exploits that take advantage of the vulnerabilities Symantec reported, or the number of worms, viruses, and trojan horses each of the monitored operating systems suffer from. And statistics can always be manipulated to favor a certain view point.
Using Symantecis own numbers, for example, the report also shows that over the six month period monitored, over 30 percent of the vulnerabilities in Windows were ranked as high priority or severe. But for the same time period, less than one percent of the vulnerabilities found in Red Hat Linux and 2.3 percent in Mac OS X were high priority.
As with any report from a company that stands to gain from the data it presents, take this one with an appropriate dosage of salt.