In the wake of my Windows Vista One Year Vulnerability Report, I have received many questions regarding the current vulnerability record of Windows Vista as compares with Windows XP SP2.

This short paper is a compilation of vulnerability data for Microsoft Windows Vista and Microsoft Windows XP SP2 for calendar year 2007 and a brief analysis to see if any benefit is apparent for users of one OS over the other.

I found that Windows Vista offers benefit over Windows XP SP2 in the following ways for 2007:

  • Windows Vista had 30% fewer Security Bulletins than Windows XP
  • Windows Vista had 20% fewer vulnerabilities than Windows XP
  • Windows Vista had 28% fewer Critical and Important vulnerabilities than Windows XP
  • 26 vulnerabilities on Windows Vista are less severe for any users running as standard user.

Here is the chart breaking down the vulnerabilities by Microsoft severity ratings

vulns-vsev

Download the short paper attached to this post for full details.

Share this post :