X
XP Guy
If you are wondering why Windows 8 tops the charts, even though
Microsoft touts the platform as more secure than its predecessors (don't
they always) - the answer is quite simple; Flash. Because Flash is now
baked into the modern instance of IE, any Flash vulnerability can now be
tied into Windows 8 as well.
http://www.neowin.net/news/windows-8-is-the-most-vulnerable-windows-os-you-can-thank-flash-for-that
http://www.neowin.net/images/galleries/1821/vultop.png
-----------------------------------------------------------
Breakdown of end-point vulnerabilities in 2013
XP Vista Win-7 Win-8
Operating system 99 102 102 156
Micro$oft Programs 192 192 192 192
Third-party programs 914 914 914 914
Total 1204 1206 1208 1261
----------------------------------------------------------
Approximately one-third of the vulnerabilities of the Windows 8.x OS for
2013 is probably attributed to a single program that until Windows 8 was
an external program (Flash player) and is still in a way an external
program since "Microsoft is not directly responsible for the Flash
code".
And for older OS, updates for that external program will continue to
come directly from Adobe regardless of which older OS you happen to be
running, even if you are running an "unsupported" XP.
The vast majority of the vulnerabilities for all OS are attributed to
programs other than the OS, and are constant across all OS. The OS is
only "responsible" for less than 10%. And since the OS can be
"shielded" by means of routers, firewalls, anti-virus and other
anti-malware software, and user attention to what the heck they are
doing, then the choice of OS, from a security perspective, becomes more
and more a moot point.
Because of this tight integration of Flash into IE, for those that think
that IE8 (the last Internet Exploiter version to run on XP) is less
secure than IE 11 for windoze 8 - think again.
=======================
After 7+ years of retail availability (1999 - 2006):
Vulnerability Report: Microsoft Windows 98 Second Edition
http://secunia.com/advisories/product/13/?task=advisories
Affected By:
33 Secunia advisories
22 Vulnerabilities
Unpatched: 9% (3 of 33 Secunia advisories)
The most severe unpatched Secunia advisory affecting Microsoft Windows
98 Second Edition, with all vendor patches applied, is rated Less
critical.
======================
After 1.5 years of retail availability:
Vulnerability Report: Microsoft Windows 8
http://secunia.com/advisories/product/42951/?task=advisories
Affected By:
68 Secunia advisories
200 Vulnerabilities
Unpatched: 1% (1 of 68 Secunia advisories)
The most severe unpatched Secunia advisory affecting Microsoft Windows
8, with all vendor patches applied, is rated Not critical
=======================
Now, I could be _really cruel_ and post the number of advisories,
vulnerabilities and especially unpatched vulnerabilities for Windoze 7,
but you can laugh your ass off by looking at them here:
http://secunia.com/advisories/product/27467/?task=advisories
Meekro$oft's motto: If it works, it's not complicated enough.
Macro$haft: The bloat and exploits go in before the name goes on.
Windows NT/2k/XP/7/8 -> Like the Emperor's new clothes - woven from the
finest code, the most expensive threads.
The Windows NT line of Operating systems: Are we secure yet?
Windoze xp (scratch that)
Windows Vista (no wait)
Windows 7 (hold on)
Windows 8: -> How do you want to be hacked today?
Microsoft touts the platform as more secure than its predecessors (don't
they always) - the answer is quite simple; Flash. Because Flash is now
baked into the modern instance of IE, any Flash vulnerability can now be
tied into Windows 8 as well.
http://www.neowin.net/news/windows-8-is-the-most-vulnerable-windows-os-you-can-thank-flash-for-that
http://www.neowin.net/images/galleries/1821/vultop.png
-----------------------------------------------------------
Breakdown of end-point vulnerabilities in 2013
XP Vista Win-7 Win-8
Operating system 99 102 102 156
Micro$oft Programs 192 192 192 192
Third-party programs 914 914 914 914
Total 1204 1206 1208 1261
----------------------------------------------------------
Approximately one-third of the vulnerabilities of the Windows 8.x OS for
2013 is probably attributed to a single program that until Windows 8 was
an external program (Flash player) and is still in a way an external
program since "Microsoft is not directly responsible for the Flash
code".
And for older OS, updates for that external program will continue to
come directly from Adobe regardless of which older OS you happen to be
running, even if you are running an "unsupported" XP.
The vast majority of the vulnerabilities for all OS are attributed to
programs other than the OS, and are constant across all OS. The OS is
only "responsible" for less than 10%. And since the OS can be
"shielded" by means of routers, firewalls, anti-virus and other
anti-malware software, and user attention to what the heck they are
doing, then the choice of OS, from a security perspective, becomes more
and more a moot point.
Because of this tight integration of Flash into IE, for those that think
that IE8 (the last Internet Exploiter version to run on XP) is less
secure than IE 11 for windoze 8 - think again.
=======================
After 7+ years of retail availability (1999 - 2006):
Vulnerability Report: Microsoft Windows 98 Second Edition
http://secunia.com/advisories/product/13/?task=advisories
Affected By:
33 Secunia advisories
22 Vulnerabilities
Unpatched: 9% (3 of 33 Secunia advisories)
The most severe unpatched Secunia advisory affecting Microsoft Windows
98 Second Edition, with all vendor patches applied, is rated Less
critical.
======================
After 1.5 years of retail availability:
Vulnerability Report: Microsoft Windows 8
http://secunia.com/advisories/product/42951/?task=advisories
Affected By:
68 Secunia advisories
200 Vulnerabilities
Unpatched: 1% (1 of 68 Secunia advisories)
The most severe unpatched Secunia advisory affecting Microsoft Windows
8, with all vendor patches applied, is rated Not critical
=======================
Now, I could be _really cruel_ and post the number of advisories,
vulnerabilities and especially unpatched vulnerabilities for Windoze 7,
but you can laugh your ass off by looking at them here:
http://secunia.com/advisories/product/27467/?task=advisories
Meekro$oft's motto: If it works, it's not complicated enough.
Macro$haft: The bloat and exploits go in before the name goes on.
Windows NT/2k/XP/7/8 -> Like the Emperor's new clothes - woven from the
finest code, the most expensive threads.
The Windows NT line of Operating systems: Are we secure yet?
Windoze xp (scratch that)
Windows Vista (no wait)
Windows 7 (hold on)
Windows 8: -> How do you want to be hacked today?