RHEL, kernel vulnerabilities, and days of risk
Posted Mar 25, 2005 3:30 UTC (Fri) by quickening
Parent article: RHEL, kernel vulnerabilities, and days of risk
Has anyone seen a study of days of risk from known exploits? How about number of successful intrusions? A simple up-time metric for web servers would indirectly indicate Linux is far more secure than Microsoft.
I am personally familiar with a samba DOS exploit against Win2K3 (it remotely crashes the box!) which took Microsoft 3 months to patch after I told them about it, and that patch is still not part of a service pack - and probably not installed on most servers. Something really stinks when you know there's lots of these patches which Microsoft never bothers to publish, and which never make it into these "official" studies.
to post comments)