Microsoft Security Blog

The official Microsoft blog for discussing industry and Microsoft security topics.

March, 2007

  • Just for Fun: Covering My Coverage

    Since published my Windows Vista - 90 Day Vulnerability Report , I have been reading a lot of the various commentary and generally, I take it with a grain of salt. Many of the comments indicate that the person didn't even read the report, which is fairly typical, while others bash it without raising any substantive proofpoint, simply because of where I work - again, pretty typical. Anyway, there have been some interesting ones from security reporters that I thought might be fun to review. Podcast...
  • February 2007 - Vuln Scorecard

    I just posted my February 2007 - Operating System Vulnerability Scorecard over on CSOOnline, which includes charts comparing the vulnerabilities in Windows, Red Hat Linux, Ubuntu, Novell, Sun, and Mac OS X, broken down by server and workstation. I do include the first 3 months of Windows Vista as well, which had 1 fix in that time period. As a teaser, here is one of the 4 charts from the post: I plan to update this monthly throughout the year, and will include newer products when they are...
  • Windows Vista 90 Day Vulnerability Analysis

    February 28 th marked 90 days that Windows Vista had been available to business customers. Has it been a good or a bad 90 days for security vulnerabilities? Dang, this is a sweet chart, but click here to read all the details and download the full report . Best regards ~ Jeff
  • Red Hat Launches 11 RHEL5 Security Advisories

    Dual standards at work again. When the first vulnerability was announced in Windows Vista a month after release, it was big news. 11 security advisories, including 3 Critical ones, on the day of launch? Apparently no big deal for Red Hat ... read more detail