Microsoft's Jeff Jones has released his "days of risk" comparison of security vulnerabilities fixed in the major workstation operating systems in an attempt to prove his controversial argument that Windows users are arguably safer than those using Linux, Mac OS X or Solaris.
I recently wrote about Jones' presentation this year's TechEd conference where he discussed the metrics and techniques used to keep track of OS vulnerabilities and offered an early glimpse at his ongoing 2007 report card.
On his CSO blog, Jones is providing more data, including this chart showing the average days-of-risk in 2006.
"We see in this first chart of the average Days-of-Risk that during 2006, Microsoft provided fixes for publicly disclosed vulnerabilities the quickest on average at about 29 days and Sun came in at the far end with the highest average DoR," Jones writes.
He has not yet released the promised data for the patch count during the first six months of commercial availability of each operating system. These numbers, Jones argues, will show Windows Vista has the best security profile when compared with the major Linux distributions.