NOW READ THIS
("Security Advisory")
Submitted by: Bill Hickey
NCVA List Master
NRT-0449 Apple or Microsoft?:
Apple's teasing commercials that imply its software is safer than Microsoft's may not quite
match the facts, according to new research revealed at the Black Hat conference on Thursday.
Researchers from the Swiss Federal Institute of Technology looked at how many times over the
past six years the two vendors were able to have a patch available on the day a vulnerability
became publicly known, which they call the 0-day (zero-day) patch rate. They analyzed 658
vulnerabilities affecting Microsoft products and 738 affecting Apple. They looked at only
high- and medium-risk bugs, according to the classification used by the National Vulnerability
Database. What they found is that, contrary to the popular belief that Apple makes more
secure products, Apple lags behind in patching. The report can be found on the internet at
http://www.techzoom.net/papers/blackhat_0day_patch_2008.pdf.
(IDG News Service 27MAR08)