Analyst Report
H1 2008 Desktop OS Vendor Report - Vulnerabilities and Days-of-Risk
Published: 11/12/2008
This report looks at all of the vulnerabilities fixed by Apple, Microsoft, Red Hat and Ubuntu during the first half of 2008. At the vendor level, the report examines all vulnerabilities as well as Days of Risk (DoR) associated with those vulnerabilities.

Summary
This report looks at all of the vulnerabilities fixed by Apple, Microsoft, Red Hat and Ubuntu during the first half of 2008. At the vendor level, the report examines all vulnerabilities as well as Days of Risk (DoR) associated with those vulnerabilities. The report further drills down to examine just those issues affecting the commonly installed desktop operating system components.
Included in this document
  • The four vendors fixed a total 585 vulnerabilities in 1H08.
  • Microsoft had the lowest average Days of Risk for all vulnerabilities fixed at 24.22 days
  • For desktop OS vulnerabilities, Windows Vista had the fewest vulnerabilities in 1H08 at 21.
  • Windows Vista customers experienced full or partial mitigation for 46% of the 26 vulnerabilities affecting Windows XP SP2 in 1H08