In Jeff’s words,
“The results of the analysis show that Windows Vista continues to show a trend of fewer total and fewer High severity vulnerabilities at the 6 month mark compared to its predecessor product Windows XP (which did not benefit from the SDL) and compared to other modern competitive workstation OSes (which also did not benefit from an SDL-like process).
If you share the opinion that Windows and applications ported to Windows get a higher level of researcher scrutiny than other OSes, then the 6-month results are even more positive. If you don’t share that opinion, then they still stand on their own …”
Check it out the full report @ http://blogs.csoonline.com/windows_vista_6_month_vulnerability_report or just click on the pretty bar chart. For the full report in .PDF format, get it @ http://www.csoonline.com/pdf/6_Month_Vista_Vuln_Report.pdf.
By the way, bigger is not better on the chart. It’s a great start for Windows Vista so let’s hope the one year anniversary report looks good, too.