Windows Vista shipped to business customers on the last day of November 2006, so the end of November 2007 marks the one year anniversary for supported production use of the product. This paper analyzes the vulnerability disclosures and security updates for the first year of Windows Vista and looks at it in the context of its predecessor, Windows XP, along with other modern workstation operating systems Red Hat, Ubuntu and Apple products. The results of the analysis show that Windows Vista has an improved security vulnerability profile over its predecessor. Analysis of security updates also shows that Microsoft improvements to the security update process and development process have reduced the impact of security updates to Windows administrators significantly compared to its predecessor, Windows XP.
Note that this report is an update to the previously published Windows Vista 90-Day Vulnerability Report and Windows Vista 6-Month Vulnerability Report. However, since one year is a more informative time frame, this report contains the results of a deeper level of analysis.
Included in this document
- Executive Summary
- About the Author
- Overview
- Interpreting the Analysis
- The Security Researcher Ecosystem
- Windows Vista vs Windows XP
- Windows Vista – Year One
- Windows XP – Year One
- Side-by-Side Comparison
- Windows Vista vs Other Operating Systems
- Red Hat Enterprise Linux
- Ubuntu 6.06 LTS
- Apple Mac OS X v10.4
- Side-by-Side Comparison
- Final Observations
- APPENDIX A: FREQUENTLY ASKED QUESTIONS
- Appendix B: Sources and Methodology
- Discovering Unfixed Vulnerabilities
Download Link – http://www.microsoft.com/windowsserver/compare/ReportsDetails.mspx?recid=54&tapm=A80S05B05
