QuadCEM/QuadBlog

US-CERT released their 2005 Cyber Security Bulletin last week, claiming that Windows had 812 reported flaws and Unix/Linux had 2,328. This might come as a shock to you at first glance … and it is quite shocking; especially if you read their Technical Cyber Security Alerts page for the past two years (I’m not including 2006). Twenty-one of their reports mention vulnerabilities to Microsoft by name, and how many for Unix/Linux? Not one.

You might be thinking that something doesn’t add up here. Let’s breeze by Secunia and take a look at their stats to make sure we’re on the right track. Just to be fair (and so you don’t think I’m being biased towards Unix-based systems) I’m going to take the lowest stats for MS systems and I’ll use a bunch of different *nix systems (not just the highest or lowest). Also, I’m only using the latest versions of the different OS’s. Here we go: (more…)