Microsoft: Vista More Secure Than XP and Open Source

Windows Vista was hit by significantly fewer publicly disclosed security flaws in its first year than Windows XP and open source rivals in their first years, according to a report from Microsoft.

The report, written by Jeff Jones, a security strategy director in Microsoft's Trustworthy Computing group, is part of Microsoft's effort to show that its work on redesigning the security architecture and adding new security features to Vista have paid off.

Jones also found that changes to the way Microsoft handles patching has resulted in less work for system administrators on Vista compared to Windows XP.

The report comes on the heels of figures from Secunia, which reported fewer vulnerabilities for Windows in 2007 compared to open source operating systems in the same time period. However, Microsoft's report compares the way each OS fared in its first full year of supported distribution.

Do Comparisons Work?

Comparisons between different types of operating systems on the basis of numbers of public bug reports are often downplayed by security experts, who say they are only part of the picture. For instance, Linux-based OSs are composed mainly of third-party components whose bug reports are all known publicly, whereas third-party components play a small part in Windows and many bugs may be uncovered but not made public.

However, Microsoft's main interest with the new report is in convincing users that Vista - which has received heavy criticism over bugs and usability issues - is more secure and more easily managed than XP.

"The results of the analysis show that Windows Vista has an improved security vulnerability profile over its predecessor," said Jones in the report. "Analysis of security updates also shows that Microsoft improvements to the security update process and development process have reduced the impact of security updates to Windows administrators significantly compared to its predecessor."

Subscribe to the Best of TechHive Newsletter