Re: Vulnerability Report Points To Biggest Windows Security Offenders

[Chester Wisniewski <chetw () zuzax com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

This is such load of crap I can't not whinge about it.

Counting vulnerabilities? What they heck does that matter? And in
which dimension did XP have only 5?

This is marketing garbage at its worst.

More vulnerabilities reported could mean that it is more secure. Or
the developers are more honest (open source will always have more, as
they all get reported.)

Secunia should know better. If your business is about patching you
ought to have enough sense to smell the stink from your own PR nonsense.

cw


On 04/01/15 21:56, Jeffrey Walton wrote:
> Its interesting the Windows OSes are lowest on the list (including
> OS X and Linux). Windows userland programs are a different
> story....
>
> http://redmondmag.com/articles/2015/04/01/windows-security-offenders.a
spx
>  Vulnerability management vendor Secunia last week released its
> annual "Secunia Vulnerability Review," with findings pointing an
> overall rise to vulnerabilities in 2014 by 18 percent compared to
> 2013.
>
> Newly reported vulnerabilities totaled 15,435 in 3,870
> applications from 500 publishers, Secunia said. Among those
> thousands of new vulnerabilities were 25 zero-day vulnerabilities,
> which are security flaws that are already being exploited in the
> wild when a vendor publishes a security advisory about them. That
> figure is up from 14 zero-days in 2013. ...
>
> Operating System - Vulnerabilities Oracle Solaris - 483 Gentoo
> Linux - 350 Apple Macintosh OS X - 147 Windows 8 - 105 Windows 7 -
> 33 Windows Vista - 30 Windows XP - 5 ... 
> _______________________________________________ Fun and Misc
> security discussion for OT posts. 
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec
> is a public and open mailing list.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJVHatRAAoJEIppaxyC9sVd+ZAQAIyV/nxSOX9aURwOyAugu+Tv
iZASQ/WGYx4cViPtdRCbCz4aLFyBvnfQ+3ycGi9Bin3A8Xlu45kp50596vZGUhc+
WQbRqXb0Mx3XENauCetzkrGRiN5/DI3ky8f9BGiciM2aEdsrTbJGahU3TAXXd0mu
rvpvNwkPWg6YvZAx8a9e1RLJFbXYhojVOUhTiyUjv04lo/o06bUeRgI8+SprIrZL
RJmsbFPyhf7n3IZmuEIUiwOuK7eacdHsojEC8n6iEoSd/j4JBgoirKBtGfoo1FZE
NWQ4RFrvnIo7b1Vdf3poG/XfjyUwwi3at26YOQlnzljH+AMc7h90gt2f7EWggx6I
LIGqXykYSwyzDKWPAg6p7ae5RD8KU9CWFBgM05dqdz+UMDZM3nnmRVlI7l6OqD3I
Vt5+2LRN/s18P6FhZfLmAamJiewYSR+s8EVtLbhD9EEGIwoYeZOP0GfE0yWYkYRu
pVZj/i9zzgc8AN0yP0Pu6Z+u3TTtKDWryVSfDR6kQ4VR1avzfC35f4PMM6vpT8E2
q7UzMSYjG0atAYrHnech79oF5sO3VDZ1Agpld2I8QSMfGXNtrqiP//1Lf9N27W+3
HMY3S6ByVpSsrM4US5tVbTcsfkptGG4sVxF1UQUDqsgdCLdGnn2IwmVH5y7l95fI
npFhgVWmZhhLIHXlbjb6
=IvyS
-----END PGP SIGNATURE-----
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.