Microsoft: Vista’s not as insecure as XP. Please buy it!

by admin January 27, 2008 at 8:25 am

After a year on the market, Vista has had fewer security vulnerabilities discovered than XP did in its first year. According to a post on the Windows Vista Security blog, Vista has had 36 fixed and 30 unfixed security vulnerabilities, compared to 68 fixed and 54 unfixed vulnerabilities in XP. Patches have been issued on 9 occasions so far with Vista, compared to 26 for XP.

The number of vulnerabilities is not the only thing that Microsoft is boasting about. Not only have there been fewer flaws, but those flaws have—according to Microsoft’s own categorization—been less severe than those XP suffered. This is because of Vista’s “defense-in-depth” approach to security. Two features in particular are credited with the improvement: IE Protected Mode and User Account Control (UAC). Together, these mean that even when malicious code runs, it can’t do the damage that it would do on XP. 13 vulnerabilities had their impact assessment lowered by this extra protection: 12 by UAC, one by Protected Mode.

