De todas formas pondré algunas cosillas que me llamaron la atención.
Cita: The report found that Microsoft (Quote) Windows had the fewest number of patches and the shortest average patch development time of the five operating systems it monitored in the last six months of 2006.
El reporte no encontró que Windows sea más seguro, sino que desarrolla y libera parches más a menudo, eso no quiere decir a fuerza que sea mas seguro, de hecho, algunos mal pensados como yo veríamos en eso un punto negativo, la necesidad de parches continuos puede ser síntoma de inseguridad.
Cita: During this period, 39 vulnerabilities, 12 of which were ranked high priority or severe, were found in Microsoft Windows and the company took an average of 21 days to fix them. It's an increase of the 22 vulnerabilities and 13-day turnaround time for the first half of 2006 but still bested the competition handily.
Red Hat Linux was the next-best performer, requiring an average of 58 days to address a total of 208 vulnerabilities. However, this was a significant increase in both problems and fix time over the first half of 2006, when there were 42 vulnerabilities in Red Hat and the average turnaround was 13 days.
The one bright spot in all of this is that of the 208 Red Hat vulnerabilities, the most of the top five operating systems, only two were considered high severity, 130 were medium severity, and 76 were considered low.
Como vemos, RedHat mostró muchas más vulnerabilidades(208) que Windows(39), sin embargo Windows tuvo muchas más inseguridades severas 12 contra sólo 2 de RedHAt, calculemos la proporciónes:
Windows
Total de vulnerabilidades 39
Severas: 12
Porcentaje: 30.76%
RedHat
Total de vulnerabilidades: 208
Severas: 2
Porcentaje:
0.96%
Como vemos, el porcentaje de vulnerabilidades severas de Windows es exponencialmente mayor que el de RedHat.
Creo que sólo basarnos en los números brutos puede ser engañoso, los porcentajes pueden ayudarnos a tener una mejor perspectiva de los resultados del estudio.
Saludos.