Welcome to TechNet Blogs Sign in | Join | Help

Browse by Tags

All Tags » Open Source   (RSS)

Q1 2008 - Client OS Vulnerability Scorecard

This paper is a compilation of vulnerability data for client operating systems for the first 3 month, January through March, of 2008. Vulnerabilities and fixes for the following products are discussed: Microsoft Windows Vista Microsoft Windows XP SP2 Read More...
Posted Thursday, May 15, 2008 12:04 AM by jrjones | 28 Comments
Attachment(s): q108-client-scorecard.pdf

Download: Internet Explorer and Firefox Vulnerability Analysis

Summary: For most people, their web browser is central to their interaction with the Internet, connecting to global web sites and helping them consume online services providing everything from booking flights to banking services to online shopping. This Read More...
Posted Friday, November 30, 2007 4:01 PM by jrjones | 24 Comments
Attachment(s): ie-firefox-vuln-analysis.pdf

Red Hat Enterprise Linux 4 Passes 1000 Vulnerabilities

A few weeks after my July OS Vulnerability Scorecard posting, I was amused to see a posting about it on truthhhappens.redhatmagazine.com (click to see the post). I can't even do it justice by paraphrasing, so here is the text: A Microsoft vulnerability Read More...
Posted Tuesday, October 16, 2007 6:23 PM by jrjones | 5 Comments

July 2007 - Operating System Vulnerability Scorecard

Summer and work travel have really had an impact and I've missed a couple of months of scorecards, so last weekend, I decided to dig in and catch up to July. I hit a few road bumps: Sun changed their Security Alerts web site, making it a bit more challenging. Read More...
Posted Thursday, August 16, 2007 11:47 PM by jrjones | 12 Comments

Windows Vista - 6-Month Vulnerability Study

I was nudged by some colleagues this week, telling me that some folks may only be reading my technet blog, but that I hadn't been doing a great job of cross-posting some things. Six months is a much more interesting time frame than the previous Windows Read More...
Posted Saturday, June 30, 2007 1:34 PM by jrjones | 1 Comments

2006 Client OS Days of Risk

As a follow-up to my previous Days-of-risk in 2006 : Linux, Mac OS X, Solaris and Windows , where I compare Microsoft, Red Hat, Novell SUSE, Apple Mac OS X and Sun Solaris, I've also completed a look at the latest client products that were available for Read More...
Posted Monday, June 18, 2007 9:19 PM by jrjones | 1 Comments

Background and Overview for Days-of-Risk

I just published a Basic Guide to Days of Risk over on my CSO Magazine Blog , in preparation for a new quarterly days-of-risk study I'm going to start publishing. If you don't have a good understanding of the days-of-risk metrics, the post will give you Read More...
Posted Friday, May 18, 2007 11:52 PM by jrjones | 1 Comments

March 2007 - Vuln Scorecard

I just posted my March 2007 - Operating System Vulnerability Scorecard over on CSOOnline, which includes charts comparing the vulnerabilities in Windows, Red Hat Linux, Ubuntu, Novell, Sun, and Mac OS X, broken down by server and workstation. Here is Read More...
Posted Thursday, April 05, 2007 9:01 PM by jrjones | 2 Comments

February 2007 - Vuln Scorecard

I just posted my February 2007 - Operating System Vulnerability Scorecard over on CSOOnline, which includes charts comparing the vulnerabilities in Windows, Red Hat Linux, Ubuntu, Novell, Sun, and Mac OS X, broken down by server and workstation. I do Read More...
Posted Friday, March 30, 2007 12:14 AM by jrjones | 1 Comments

Windows Vista 90 Day Vulnerability Analysis

February 28 th marked 90 days that Windows Vista had been available to business customers. Has it been a good or a bad 90 days for security vulnerabilities? Dang, this is a sweet chart, but click here to read all the details and download the full report Read More...
Posted Wednesday, March 21, 2007 9:45 PM by jrjones | 8 Comments

Red Hat Launches 11 RHEL5 Security Advisories

Dual standards at work again. When the first vulnerability was announced in Windows Vista a month after release, it was big news. 11 security advisories, including 3 Critical ones, on the day of launch? Apparently no big deal for Red Hat ... read more Read More...
Posted Thursday, March 15, 2007 8:00 PM by jrjones | 6 Comments

Common Objections - Comparing Linux Distros with Windows

Once again, my effort to explore common misperceptions (more recently exploring unpatched statistics ) has brought out some of the common objections from those that don't necessarily like the results. Very rarely do I get comments that can find a substantive Read More...
Posted Monday, January 29, 2007 6:32 PM by jrjones | 2 Comments

Exposed? : Examining Secunia Unpatched Warnings - Part 3

This is the final post in my 3 part series trying to get an accurate view of disclosed, but unpatched issues for Windows and Linux. In Part 1 , I looked at Secunia "unpatched" warnings and raised the question of whether the unpatched data was accurate Read More...
Posted Friday, January 19, 2007 8:41 PM by jrjones | 6 Comments

Exposed? : Examining Secunia Unpatched Warnings - Part 1

Security, perception, reality. What security professional hasn't struggled with the gaps between those three things? Is there anything worse for security than a false sense of security? Even my short-term readers probably realize that this is a recurring Read More...
Posted Wednesday, January 10, 2007 7:36 PM by jrjones | 4 Comments

Microsoft and Novell Linux Partnership

I've gotten quite a few questions about what this partnership means, but I think the best response is to point people to Bill Hilf on Port25 . Bill is the GM for platform strategy and the original guy who got the Linux/OSS interoperability lab started Read More...
Posted Saturday, November 04, 2006 12:54 AM by jrjones | 0 Comments
More Posts Next page »
 
Page view tracker