An anonymous reader writes "Apparently Microsoft still hasn't learned that counting vendor acknowledged vulnerabilities isn't a good way to establish the security of an OS. As an analysis of Microsoft's claims on Full Disclosure shows, we see that the methodology used was badly flawed. A bug in Firefox (not to mention emacs), counts as a flaw for Linux, while IE bugs get ignored on Vista's chart. Then we see that vulnerabilities aren't vulnerabilities when they're security-challenged features such as Vista's Teredo. Also, there's far too little consideration given to severity, given that it stoops to counting even extra access restrictions on a file in OSX to have something to show. In short, the original Microsoft analysis was good PR and poor research."Read more of this story (http://it.slashdot.org/article.pl?sid=07/06/28/235259&from=rss) at Slashdot.
http://rss.slashdot.org/~a/Slashdot/slashdot?i=QdNAov</img> (http://rss.slashdot.org/~a/Slashdot/slashdot?a=QdNAov)
http://rss.slashdot.org/~r/Slashdot/slashdot/~4/128817634

More... (http://rss.slashdot.org/~r/Slashdot/slashdot/~3/128817634/article.pl)