Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft or Apple - Who Is the Faster Patcher?

Posted by ryuzaki0 on from the go-speed-patcher-gooo dept.

Amy Bennett writes "And the answer is... Microsoft. Researchers from the Swiss Federal Institute of Technology analyzed 658 high-risk and medium-risk vulnerabilities affecting Microsoft products and 738 affecting Apple. They measured how many times over the past six years the two vendors were able to have a patch available on the day a vulnerability became publicly known, which they call the 0-day patch rate. What they found: 'Apple was below 20 [unpatched vulnerabilities at disclosure] consistently before 2005,' said Stefan Frei, one of the researchers involved in the study. 'Since then, they are very often above. So if you have Apple and compare it to Microsoft, the number of unpatched vulnerabilities are higher at Apple.'"

3 of 252 comments (clear)

  1. Apple's shortcomings by rubeng · · Score: 5, Interesting

    I love my Mac, and have been happy with OSX, but Apple's secretiveness is really annoying when it comes to patches - generally they don't tell you what was fixed, or do so only in really vague terms. There are frequent reports of Apple deleting threads in their forums talking about bugs they don't seem to want to admit to.

    If they really want to be taken more seriously in the enterprise market, they're going to have to step up and treat these things a bit more professionally, instead of just basically saying "trust us and don't ask too many questions".

  2. Re:Just more FUD by d34thm0nk3y · · Score: 5, Interesting

    The main reason - this only deals with known vulnerabilities and the time it takes to patch. Nowhere is discussed vulnerabilities that either vendor knows exists, but releases no information and no patch to fix it.

    The study speaks of things that can be known. Your response speaks of things that can't be known. You seem to be slinging the uncertainty and doubt part yourself.

  3. Re:Just more FUD by UnknowingFool · · Score: 4, Interesting

    It kinda makes sense that Apple would have more bugs. Apple uses a lot of open source software as OS X is Unix underneath the GUI. Open source software is better at disclosing bugs so their vulnerabilities are known. If you look at Apple's last security patch, it included patches for Apache, CUPS, emacs, Kerberos, libc, OpenSSH, PHP, X11, etc. That is contrasted with MS as many of their vulnerabilities are not disclosed until MS or a 3rd party discloses it. Many 3rd parties have independently disclosed because of their frustration with MS response and/or lack of acknowledgement.

    --
    Well, there's spam egg sausage and spam, that's not got much spam in it.