IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Windows trumps Mac OS X security-wise claims Symantec report

Microsoft's OS has had fewer vulnerabilities, and the software giant was quicker to patch them, claims a report from security expert Symantec.

Apple's Mac OS X would appear to be less secure than Microsoft's Windows, as findings show that in the last six months of 2006 the Redmond giant patched its operating system fewer times than any rival, and turned around those patches far quicker.

The information appears in Symantec's newly-published Internet Security Threat Report, which covers the period 1 July to 31 December 2006.

Windows Vista was not released to retail until January 2007, so is not included in the report, although as it points out "In December 2006, Symantec reported a vulnerability in previous versions of Windows that also affects the version of Windows Vista that was released to consumers in January. This indicates that Microsoft's Security Development Lifecycle, while thorough, does not necessarily identify all potential vulnerabilities."

Praise for Microsoft's patch development was based on evidence that it took an average of 21 days to develop each patch, based a sample set of 39 vulnerabilities. While better than Sun, HP, Red Hat or Apple, it still represented a slow-down over the first six months of the year, in which it was patching vulnerabilities in an average of 13 days from notification.

Apple took an average of 66 days to patch vulnerabilities. This metric was based on a sample set of 43 vulnerabilities, of which only one was considered to be of 'high severity'. Of Microsoft's sample, five were tagged 'high severity'. Again, Apple's turn-around slowed in the second half of the year, as it had been patching vulnerabilities in an average of 37 days between January and June 2006.

However, Internet Explorer's ubiquity helped it achieve the unattractive distinction of being the most targeted web browser, as it was the subject of 77 per cent of all malicious online attacks. Symantec documented 54 vulnerabilities in IE, compared to just 40 in Safari, although while Microsoft patched exploited vulnerabilities in its browser in around 10 days, it took Apple 62 days to do the same with its own default browser. Symantec explains this as being "skewed by a smaller sample set of patched vulnerabilities and exploits."

Elsewhere, the report noted that the government sector accounted for 25 per cent of all identity theft-related data breaches, which was more than in any other sector.

However, Denial of Service (DoS) attacks were down, dropping from 6,110 a day in the first six months of the year to 5,213 a day in the second six. While the US was the most common target of such attacks (52 per cent of all attacks detected) it was also the originator of more data-related malicious activity than any other country, accounting for a full 31 per cent of all activity on record.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Most Popular

Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022
Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022