Linux or Windows: Which is more vulnerable?

Share this article:

After examining security vulnerability data over the last year, Forrester Research has determined that both Windows and Linux can be deployed securely, but vendors need to ensure they address several criteria to make this process easier.

Forrester collected and analyzed data on security vulnerabilities in Windows and in the four most widely-used Linux systems: Debian, MandrakeSoft, Red Hat and SUSE. In its report, "Is Linux More Secure Than Windows," the research firm said it is critical for vendors to be more responsive in providing patches to vulnerabilities, reduce the number of more highly severe holes, and be more thorough in offering fixes for all publicly disclosed vulnerabilities.

Bearing these requirements in mind, Forrester found that Red Hat Linux had the lowest percentage of highly severe vulnerabilities, while Microsoft placed first in responding to flaws by turning around fixes for publicly disclosed holes in 25 days. Among the Linux players, Debian's developer federation was tops in responsiveness among other Linux distributors, averaging only 32 days between the first fix for a given vulnerability from any source and Debian's own fix.

In regard to thoroughness, Microsoft fixed 100 percent of its vulnerabilities. RedHat patched 99.6 percent (all but one) and Mandrake, 99 percent (all but two).

The report also looks at platform security's future and how the likes of scheduled security update processes, responsible disclosure and more, will affect it.

www.forrester.com   

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.