Anti FUD

I was amusing myself with the Microsoft “Get the Facts on Windows” site and the case studies they publish are fairly unbelievable. The Wipro report in particular rings hollow and reeks of numbers manipulation. It essentially offers the following

I am in the middle of finals so I can’t spend much time debunking these claims however with a minimum of spadework I offer the following:

They show this graph which contends that Windows 2003 has fewer security patches in 2007
Microsoft graph of reported patches

However eEye Digital Security has at least one flaw which was reported over 140 days ago. And eEye allows vendors 60 days in which to produce a patch which means this vulnerability has been known for 200 days and counting. So one has to ask if that blue bar representing Microsoft is low because of the long turn around time on patches. It’s only the month of May after all and the Linux community seems to have their updates in place a little sooner then Microsoft. Also since Linux operating systems have the ability to come with extremely large amounts of other free software all the “updates” come through the same channel. It would be interesting to see if they counted every update for mpeg123 along with critical security updates in this bar chart.

I’m going to go back to studying however it would be interesting to see some light shed here.

Post a Comment

You must be logged in to post a comment.