
More Than Half of Known Vista Bugs are Unpatched

MsManhattan writes "Microsoft security executive Jeff Jones has disclosed that in the first six months of Vista's release, the company has patched fewer than half of the operating system's known bugs. Microsoft has fixed only 12 of 27 reported Vista vulnerabilities whereas it patched 36 of 39 known bugs in Windows XP in the first six months following its release. Jones says that's because "Windows Vista continues to show a trend of fewer total and fewer high-severity vulnerabilities at the six month mark compared to ... Windows XP," but he did not address the 15 unpatched flaws."

  • Wrong title (Score:5, Informative)

    by trifish ( 826353 ) on Friday June 22, 2007 @10:12AM (#19607779)
    First, the author of the submission doesn't know the difference between a bug and a vulnerability. Second, the title ought to read: "Vista Vulnerabilities are Less Serious than in XP" (and there are fewer vulnerabilities in Vista than in XP in total).

    That's the reason why only half of them were fixed while in XP most of them.
  • Re:Rubbish. (Score:2, Informative)

    by onion2k ( 203094 ) on Friday June 22, 2007 @10:26AM (#19607991) Homepage
    That was the joke. Hence the ;). Slashdot mods didn't get it though.
  • Re:Actual quote? (Score:5, Informative)

    by ThinkFr33ly ( 902481 ) on Friday June 22, 2007 @10:37AM (#19608143)
    Then read the actual report: http://www.csoonline.com/pdf/6_Month_Vista_Vuln_Report.pdf [csoonline.com]

    It sounds bad because the person who posted it to Slashdot, and Slashdot's editors, want it to sound bad. Are you new here or something?
  • by nusuth ( 520833 ) <oooo_0000us@nOSPAm.yahoo.com> on Friday June 22, 2007 @11:33AM (#19608991) Homepage
    Then again Vista isn't exactly good PR for Microsoft.

    I recently bought a notebook with Vista Home Premium preloaded. Due to all negative things I've heard about Vista, I was prepared to downgrade. I was determined not to waste my time fixing a broken OS just because I could. However I was pleasantly surprised. It is, of course, nothing like what was promised a few years ago but it is an improvement over XP. The only problem I've had (about networking with XP) took five minutes to solve. It has also been rock solid so far (with a directx 10 card, despite all horror stories.) I still don't see any reason to upgrade my XP boxes but I also don't see any reason to avoid Vista.

  • by JonXP ( 850946 ) on Friday June 22, 2007 @12:30PM (#19609835)
    Well, I don't know if you'll accept one well-trusted source instead of three random blogs, but here you go:

    According to Secunia (for 2007):
    Vista - 7 advisories, 2 unpatched (unpatched vulns listed as not critical)
    OSX - 16 advisories, 3 unpatched (unpatched vulns listed as less critical)

    There's too few to have a meaningful comparison of vuln severity levels, but OSX would win on percentages.

    For what the original poster actually said "...even more than XP in recent years..."

    Here is 2006:
    XP - 45 Advisories (36% rated "Highly Critical" or above)
    OSX - 24 Advisories (42% rated "Highly Critical" or above)

    Doesn't really hold water unless you compare the severity levels. Even then, that's sort of a shaky argument, but hey, that's what the internet was made for.
  • Fallacy (Score:3, Informative)

    by Anonymous Coward on Friday June 22, 2007 @12:50PM (#19610133)
    You sir should think before you post.
    You might want to follow your own advice.


    That goes for you too!

    You're committing a logical fallacy in your post. You equate the fact that your Macs have never been compromised (that you know of) to their actual security. This is an invalid equation.

    I don't think this qualifies as an "invalid equation." Maybe if he was trying to say that a Mac is a PC, or that OSX is Vista, that would be an invalid equation.

    What you are thinking of sounds much more like the fallacy of "affirming the consequent." Specifically:

    If my OS is secure, then it will never be hacked.
    My OS has never been hacked.
    Therefore, my OS is secure.

    Though the first premise may or may not be weak on its own grounds, the argument is formally invalid. In your post you even go on to demonstrate cases in which an insecure OS may never be hacked. This is the traditional means of demonstrating the formal invalidity of the fallacy of "affirming the consequent."

    Sounds like you had the right idea, but you mis-identified the fallacy in question. If you are going to serve as a logician, doing it properly will avoid some embarrassment.
