Microsoft states within their Security Intelligence Report that the growth of Low and Medium severity issues is slowing. Based on figures 6 and 7 within their report these severity issues have been decreasing for almost 2 years, while high severity issues are on the rise. These figures show that attackers are finding items that have greater impact, even when the industry has tried to push secure software development techniques.

Microsoft even stated that their product Windows Server® 2003, Windows Vista®, Microsoft Office 2003, and the 2007 Microsoft Office system, a distinct decrease is seen in the number of vulnerabilities down the product lifetime. PLEASE Give me a break?.the reason these products have since a distinct decrease in vulnerabilities is because their global target footprint is smaller than mature products like Windows XP!!

I especially liked the marketing language within the report to used Windows Defender and Windows Vista in order to have a more secure system. I have been using Microsoft products for years and I have never found one to be totally secure. Vista threat profile will rise as soon as it's install base increases on a global scale...... I cannot wait until next years report for the same period to see if Vista is still bullet-proof as Microsoft purports.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/newsbriefs/614/2231#2231