mark :: blog

20 Apr 2006: Transparency

Remember all those reports which compared the number of security vulnerabilities in Microsoft products against Red Hat? Well researchers have just uncovered proof and an admission that Microsoft silently fix security issues; in one case an advisories states it fixes a single vulnerablity but it actually fixes seven.

Whilst you could perhaps argue that users don't really care if an advisory fixes one critical issue or ten (the fact it contains "at least one" is enough to force them to upgrade), all this time the Microsoft PR engine has been churning out disingenuous articles and doing demonstrations based on vulnerability count comparisons.

Created: 20 Apr 2006
Tagged as: , , ,

Hi! I'm Mark Cox. This blog gives my thoughts on security work, open source, home automation, and other topics.

popular tags: [all], apache, cve, cvss, fedora, ha, metrics, microsoft, redhat, security

Subscribe to RSS feed