Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft or Apple - Who Is the Faster Patcher?

Posted by ryuzaki0 on from the go-speed-patcher-gooo dept.

Amy Bennett writes "And the answer is... Microsoft. Researchers from the Swiss Federal Institute of Technology analyzed 658 high-risk and medium-risk vulnerabilities affecting Microsoft products and 738 affecting Apple. They measured how many times over the past six years the two vendors were able to have a patch available on the day a vulnerability became publicly known, which they call the 0-day patch rate. What they found: 'Apple was below 20 [unpatched vulnerabilities at disclosure] consistently before 2005,' said Stefan Frei, one of the researchers involved in the study. 'Since then, they are very often above. So if you have Apple and compare it to Microsoft, the number of unpatched vulnerabilities are higher at Apple.'"

10 of 252 comments (clear)

  1. heh by ionix5891 · · Score: 5, Funny

    it must be apple hate week here at slashdot :p

  2. Well, duh... by SirGarlon · · Score: 5, Funny

    Microsoft has more practice patching their OS!

    --
    [Sir Garlon] is the marvellest knight that is now living, for he destroyeth many good knights, for he goeth invisible.
    1. Re:Well, duh... by Anonymous Coward · · Score: 5, Informative
      That's exactly right. Microsoft batch their updates once a month. Apple do it less regularly and less frequently, and they are frequently *unbelievably* slow to patch issues in the Free software they ship that's also in Linux or BSD distributions (trust me, I track this stuff for my employer.) God only knows how bad they are about patches in their own code. They didn't even manage to fix a typo in the Safari / win32 port EULA right first time.

      Personally as a certified Free software I'm rubbing my hands & looking forward to the Linux types who've switched for, basically, teh shiny. It's Freedom that counts folks, not features or functions or shiney... Freedom.

  3. what day of the week is it? by gEvil+(beta) · · Score: 5, Funny

    Microsoft is the faster patcher, but only if it happens to be the second Tuesday of the month.

    --
    This guy's the limit!
  4. Of course! by shadow349 · · Score: 5, Funny

    So if you have Apple and compare it to Microsoft, the number of unpatched vulnerabilities are higher at Apple.
    That explains all those zombie Mac OS X machines.
  5. Apple's shortcomings by rubeng · · Score: 5, Interesting

    I love my Mac, and have been happy with OSX, but Apple's secretiveness is really annoying when it comes to patches - generally they don't tell you what was fixed, or do so only in really vague terms. There are frequent reports of Apple deleting threads in their forums talking about bugs they don't seem to want to admit to.

    If they really want to be taken more seriously in the enterprise market, they're going to have to step up and treat these things a bit more professionally, instead of just basically saying "trust us and don't ask too many questions".

  6. Article Lacks Important Information by Revotron · · Score: 5, Insightful

    The article in question lacks a significant amount of information - hell, it didn't even give a number for Microsoft. It just said that Apple was "below 20" and then got better.

    Until I see an article that doesn't throw out one number and then fill the rest of the page with useless fluff and speculation, I'm putting my money on Apple.

  7. Re:Just more FUD by d34thm0nk3y · · Score: 5, Interesting

    The main reason - this only deals with known vulnerabilities and the time it takes to patch. Nowhere is discussed vulnerabilities that either vendor knows exists, but releases no information and no patch to fix it.

    The study speaks of things that can be known. Your response speaks of things that can't be known. You seem to be slinging the uncertainty and doubt part yourself.

  8. Apples to ... by Bombula · · Score: 5, Funny

    Bah. This comparison is just Apples to - wait a minute...

    --
    A-Bomb
  9. Thats because M$ just has more 'features' by hAckz0r · · Score: 5, Insightful

    Mocrosloth doesn't even say they have a problem, much less announce it until they have a patch ready (or nearly ready). Take a look at the "shatter attack" privilege elevation exploit that just got fixed in Vista, it started with Win NT 4.0, and when was that out? What YEAR was that? And now with have the wonderful Fire-Wire exploit, which they were aware of in 2004, reminded again in 2006, and the exploit finally published in 2007 because they refused to do anything! The only reason why MS is coming out on top is because they own the kitchen and cook their own numbers to order.