X

More Linux facts from Microsoft

Joris Evers Staff Writer, CNET News.com
Joris Evers covers security.
See full bio
Joris Evers
2 min read

Microsoft's "get the facts" marketing blitz may have tapered off a bit, but the company's employees are still keeping track of data that could favor the Redmond, Wash., company in its battle against Linux.

Jeff Jones, senior director in Microsoft's Security Technology unit, has kept tabs on the number of vulnerabilities in Windows XP with Service Pack 2 and Windows Server 2003 versus the client and server versions of Red Hat's Linux.

Over the first six months of this year, the two Windows versions had significantly fewer security vulnerabilities than the rival offerings from RedHat, Jones wrote in several blog postings on Microsoft's TechNet Web site this week.

Jones' tally: On the desktop Windows XP SP 2 had 39 flaws, compared with 91 for Red Hat Desktop 3 and 137 for Red Hat Desktop 4. On the server side, Windows Server 2003 racked up 38 flaws, Red Hat Enterprise Linux 3 hit 97, and Red Hat Enterprise Linux 4 totaled 137.

"So, of course, if a Microsoft Executive were to do a 'red hot candy' demo, you can see the results are pretty drastically in favor of Microsoft," Jones wrote.

He also breaks down the number of flaws to account for high-severity and low-severity bugs, and again Windows wins his comparison.

Statistics like these, of course, bring a response from critics.

In his most recent blog post, published on Friday, Jones fends off some criticism, saying that because Windows and Linux are such different packages, it is wrong to compare flaw counts.

Jones precedes all of his blog posts on this topics with the following note:

"I am not asserting that my vulnerability analysis demonstrates that Windows is more secure. Rather, I frequently hear and read Linux advocates making unsupported assertions to the opposite, that Linux is inherently more secure than Windows. The 'unsupported' part of that bothers me, so I check for myself. What I keep finding is that Linux distributions have more vulnerabilities, more serious vulnerabilities and the data does not support the assertions of security superiority for Linux and Open Source software."

Still, cyberattacks and pesky software such as spyware, adware, worms and viruses seem to target Windows systems more than any other operating system. Jones' tally may indicate something, but it doesn't say Red Hat users face more attacks than Windows users.