H1 OS Desktop Vulnerability Report – Get It Now
By Roger Halbheer, on October 27th, 2008
You might know Jeff Jones’ work on the different vulnerability reports comparing different products and vendors. Our goal is to understand and measure our progress and see where we stand with regards to the industry.
Today, Jeff released his OS Desktop vulnerability report for H1 2008, which shows some results I find interesting.
The first is Days of Risk: on average, how many days after disclosure it took a vendor to fix a vulnerability. He also weighted them based on whether they are critical, important or low:

Second, he shows the number of vulnerabilities for each of the vendors he is looking at:

And last but definitely not least he compares the different OSs:

There is one other interesting finding: 25% of the vulnerabilities are shared by more than one vendor!
So, if you want to download the report, you can find it in Jeff’s post: http://blogs.technet.com/security/archive/2008/10/28/download-h1-2008-desktop-vuln-report.aspx
Roger