External News

Browse by Tags

• Apple
• Commentary
• Cool
• Linux
• Mac OS X
• Microsoft
• Novell
• NVD
• Open Source
• People
• Red Hat
• SDL
• Security
• Security Bulletins
• SuSE
• Symantec
• TechEd
• UAC
• Ubuntu
• Vista
• Vulnerabilities
• Vulns
• Windows Server
• Windows vs Linux
• Windows XP SP2

• Download: H1 2008 Desktop OS Vendor Report - Vulnerabilities and Days-of-Risk

  This report looks at all of the vulnerabilities fixed by Apple, Microsoft, Red Hat and Ubuntu during the first half of 2008. At the vendor level, the report examines all vulnerabilities as well as Days of Risk (DoR) associated with those vulnerabilities... Posted Oct 27 2008, 02:00 AM by TechNet Blogs Filed under: Security, Vista, Windows, Microsoft, Apple, Studies, Mac OS X, Windows vs Linux, Open Source, Red Hat, Ubuntu, Windows XP SP2, Vulnerabilities, SDL, Vulns, NVD, Security Bulletins

• Download: Server Core Potential Security Benefit

  With Windows Server 2008, the Microsoft Windows Server team introduced a new installation option –Server Core. Server Core is a “minimal install” option of Windows Server that excludes much of the GUI and many applications – such as Internet Explorer... Posted Jun 12 2008, 11:16 AM by TechNet Blogs Filed under: Security, Windows, Microsoft, Windows Server, Studies, Cool, TechEd, Security Bulletins

• Q1 2008 - Client OS Vulnerability Scorecard

  This paper is a compilation of vulnerability data for client operating systems for the first 3 month, January through March, of 2008. Vulnerabilities and fixes for the following products are discussed: Microsoft Windows Vista Microsoft Windows XP SP2... Posted May 14 2008, 06:04 PM by TechNet Blogs Filed under: Security, Vista, Windows, Microsoft, Apple, Studies, Mac OS X, Windows vs Linux, Open Source, Linux, Red Hat, UAC, Ubuntu, Windows XP SP2, Vulnerabilities, Vulns, NVD

• Windows Vista vs Windows XP SP2 Vulnerability Report 2007

  In the wake of my Windows Vista One Year Vulnerability Report , I have received many questions regarding the current vulnerability record of Windows Vista as compares with Windows XP SP2. This short paper is a compilation of vulnerability data for Microsoft... Posted May 14 2008, 05:50 PM by TechNet Blogs Filed under: Security, Vista, Windows, Microsoft, Studies, UAC, Windows XP SP2, Vulnerabilities, Vulns

• Microsoft Security Intelligence Report - 1st Half 2007

  The third volume of the Microsoft Security Intelligence Report (SIR) is now available for download at: www.microsoft.com/sir - this link will take you to a summary portal that has links to the downloadable document, upcoming webcasts about the SIR results... Posted Oct 23 2007, 12:35 PM by TechNet Blogs Filed under: Security, Vista, Windows, Microsoft, Studies

• July 2007 - Operating System Vulnerability Scorecard

  Summer and work travel have really had an impact and I've missed a couple of months of scorecards, so last weekend, I decided to dig in and catch up to July. I hit a few road bumps: Sun changed their Security Alerts web site, making it a bit more challenging... Posted Aug 16 2007, 06:47 PM by TechNet Blogs Filed under: Security, Vista, Windows, Microsoft, Studies, Mac OS X, Open Source, Linux, Ubuntu, SuSE

• 2006 Client OS Days of Risk

  As a follow-up to my previous Days-of-risk in 2006 : Linux, Mac OS X, Solaris and Windows , where I compare Microsoft, Red Hat, Novell SUSE, Apple Mac OS X and Sun Solaris, I've also completed a look at the latest client products that were available for... Posted Jun 18 2007, 04:19 PM by TechNet Blogs Filed under: Security, Windows, Microsoft, Studies, Mac OS X, Open Source, Linux, Red Hat, SuSE

• 2006 Days of Risk Comparison

  Among the other metrics that I track, I also periodically look at days-of-risk, or the average amount of time that customers are exposed to public vulnerabilities before a vendor provides a patch. You can take a look at the full findings on Days-of-risk... Posted Jun 15 2007, 07:07 AM by TechNet Blogs Filed under: Security, Windows, Microsoft, Studies, Windows vs Linux, Linux, Red Hat, SuSE

• Windows XP vs Windows Vista Security

  So, a couple of days ago, I happened upon the tantalizing headline of Review: Vista, XP Users Equally At Peril To Viruses, Exploits. What!? As you can imagine, the headline sucked me in and I had to read it. Frankly, the article as well as the scientific... Posted Jun 01 2007, 05:21 PM by TechNet Blogs Filed under: Security, Vista, Windows, Microsoft, Studies, Commentary

• Mr. Jones Goes to TechEd

  TechEd 2007 is coming next week and I am excited to have two sessions this year. If you sometimes find the information I post on the blog here interesting, then I think you'll enjoy these sessions. In any case, stop by and say hi. MONDAY - SEC208 - Jeff... Posted May 29 2007, 02:39 PM by TechNet Blogs Filed under: Security, Vista, Windows, Microsoft, Studies, Windows vs Linux, People, TechEd

• Background and Overview for Days-of-Risk

  I just published a Basic Guide to Days of Risk over on my CSO Magazine Blog , in preparation for a new quarterly days-of-risk study I'm going to start publishing. If you don't have a good understanding of the days-of-risk metrics, the post will give you... Posted May 18 2007, 06:52 PM by TechNet Blogs Filed under: Security, Windows, Microsoft, Studies, Windows vs Linux, Open Source, Linux, Red Hat

• March 2007 - Vuln Scorecard

  I just posted my March 2007 - Operating System Vulnerability Scorecard over on CSOOnline, which includes charts comparing the vulnerabilities in Windows, Red Hat Linux, Ubuntu, Novell, Sun, and Mac OS X, broken down by server and workstation. Here is... Posted Apr 05 2007, 04:01 PM by TechNet Blogs Filed under: Security, Vista, Windows, Microsoft, Studies, Mac OS X, Windows vs Linux, Open Source, Linux, Red Hat, Ubuntu, SuSE

• Windows Vista 90 Day Vulnerability Analysis

  February 28 th marked 90 days that Windows Vista had been available to business customers. Has it been a good or a bad 90 days for security vulnerabilities? Dang, this is a sweet chart, but click here to read all the details and download the full report... Posted Mar 21 2007, 04:45 PM by TechNet Blogs Filed under: Security, Vista, Windows, Microsoft, Studies, Mac OS X, Windows vs Linux, Open Source, Linux, Red Hat, Symantec, Novell, SuSE

• January 2007 - Vuln Scorecard

  I just posted my January 2007 - Operating System Vulnerability Scorecard over on CSOOnline, which includes charts comparing the vulnerabilities in Windows, Red Hat Linux, Ubuntu, Sun, and Mac OS X, broken down by server and workstation. I do include the... Posted Feb 27 2007, 04:13 PM by TechNet Blogs Filed under: Security, Vista, Windows, Microsoft, Studies, Mac OS X, Windows vs Linux, Linux, Red Hat, Ubuntu

• Exposed? : Examining Secunia Unpatched Warnings - Part 3

  This is the final post in my 3 part series trying to get an accurate view of disclosed, but unpatched issues for Windows and Linux. In Part 1 , I looked at Secunia "unpatched" warnings and raised the question of whether the unpatched data was accurate... Posted Jan 19 2007, 03:41 PM by TechNet Blogs Filed under: Security, Windows, Microsoft, Studies, Windows vs Linux, Open Source, Linux, Red Hat

• Exposed? : Examining Secunia Unpatched Warnings - Part 2

  This is Part 2 of my look at the perceptions and realities concerning disclosed, but unpatched vulnerability trends between Windows and Linux. You may want to read Part 1 first. Before I dig into methodologies, I'd like to thank Secunia's for reaching... Posted Jan 17 2007, 01:13 PM by TechNet Blogs Filed under: Security, Windows, Microsoft, Studies, Windows vs Linux, Linux, Red Hat

• Exposed? : Examining Secunia Unpatched Warnings - Part 1

  Security, perception, reality. What security professional hasn't struggled with the gaps between those three things? Is there anything worse for security than a false sense of security? Even my short-term readers probably realize that this is a recurring... Posted Jan 10 2007, 02:36 PM by TechNet Blogs Filed under: Security, Windows, Microsoft, Studies, Windows vs Linux, Open Source, Linux, Red Hat