What operating system has the most vulnerabilies?

US-CERT has the answers, and it's not Windows.


Cyber Security Bulletin 2005 Summary

2005 Year-End Index
Information in the US-CERT Cyber Security Bulletin is a compilation and includes information published by outside sources, so the information should not be considered the result of US-CERT analysis. Software vulnerabilities are categorized in the appropriate section reflecting the operating system on which the vulnerability was reported; however, this does not mean that the vulnerability only affects the operating system reported since this information is obtained from open-source information.

This bulletin provides a year-end summary of software vulnerabilities that were identified between January 2005 and December 2005. The information is presented only as a index with links to the US-CERT Cyber Security Bulletin the information was published in. There were 5198 reported vulnerabilities: 812 Windows operating system vulnerabilities; 2328 Unix/Linux operating vulnerabilities; and 2058 Multiple operating system vulnerabilities.

Emphasis mine. The bulletin lists all of the vulnerabilities by operating system.  Note they have Apple/Mac included in the Unix/Linux category.

I was looking for stats on market share for operating systems and found this. I can't vouch for the accuracy of these stats, but here's the rundown.

Windows XP    77.92%
Windows 2000    9.82%
Windows 98    4.78%
Mac OS    4.11%
Windows ME    1.99%
Windows NT    0.86%
Linux    0.30%
Windows 95    0.12%
Web TV    0.03%
Windows CE    0.02% 
SunOS sun4u    0.01% 
PSP    0.01% 
Hiptop    0.01% 
Unknown    0.00% 
FreeBSD i386    0.00%

What if Mac OS and Linux were at the top of the list?  Would those 2328 'nix vulnerabilities (which include Apple/Mac) result in massive exploits putting malware/spyware on those machines?  I don't know, but I think it's food for thought.  If Mac and 'nix had top market share, my guess is the malware pushers would be all over them. Comments?

US-CERT link via Security Fix.


You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All