Thursday, May 15, 2008
Vulnerability Numbers, Q1 2008
Jeff Jones has just published some pretty interesting vulnerability numbers from Q1 2008.Ok, I know that the source is Microsoft, but the numbers and their meanings are very well documented, im my opinion. I'm one of the believers that these numbers show the results of the impressive security initiative from Microsoft. It's also good to see the numbers about vulnerabilities in Apple software, what also shows the results of a security posture (a very crappy one, indeed).Linux numbers are not a surprise to me. The problem this week for Linux is the very very ugly vulnerability on the PRNG system. By reading how it came to appear into the code just shows that the same reason that open source defensors use to argue it is more secure can also make the software less secure. Interesting.