Surprising reports paints Linux and Android as less secure than Windows

yhtjrcyr52fVbDkr3txsZ8-650-80.jpg

Which operating system has suffered the most vulnerabilities since around the turn of the millennium? That would be Linux, not Microsoft’s Windows, at least according to a freshly released report.

An analysis of the National Institute of Standards and Technology’s National Vulnerability Database, compiled by Thebestvpn.com, tracked ‘technical vulnerabilities’ in popular pieces of software between 1999 and 2019.

And Debian, a flavor of Linux, was top of the table with 3,067 vulnerabilities over the last two decades. Reasonably close behind was Android on 2,563 vulnerabilities, with the Linux kernel in third place having racked up a count of 2,357. Apple’s macOS was only slightly behind that with 2,212, with Ubuntu in fifth place on 2,007.

All of the top five places were taken by operating systems, although Firefox and Chrome filled the next two positions with 1,873 and 1,858 vulnerabilities respectively.

As for Microsoft’s operating systems, Windows 7 bore 1,283 vulnerabilities, and Windows 10 carried 1,111. If you add those together, you get a total of 2,394 for the past decade, roughly – given that Windows 7 came out in 2009, and handed the baton to Windows 10 in 2015.

Although note that some of the other figures mentioned represent a full two decades of existence – like Debian, which has been around since 1993 – so it’s difficult to make direct comparisons in that respect.

Still, this serves to underline that Windows security is perhaps not as shaky as you might believe, at least historically, and indeed that Linux and Mac users shouldn’t be complacent.

Of course, there’s a lot more to security than the mere number of vulnerabilities which pop up in any given operating system or product. There are a number of other important points to consider here, too, such as the nature of those vulnerabilities, the likelihood of them being targeted, and of course the response and ease of patching them, among many other factors.

The point still stands, however, that no users should be complacent, no matter how secure they believe any particular product might be.

Looking at the figures for 2019 alone, Android was the most vulnerable piece of software with 414 reported vulnerabilities, followed by Debian Linux on 360, and Windows 10 was in third place in this case with 357.
Microsoft is a major target

If you go by software makers, Microsoft is unsurprisingly top of the rankings given the breadth of widely-used products it makes (not just Windows, but Office, web browsers and more). Some of the most critical vulnerabilities were found in Microsoft Office, too, with the report giving the productivity suite’s various security flaws a weighted average of 9.1 in terms of their seriousness.

That was beaten only by Adobe Flash Player (9.4) and Adobe Acrobat (9.2).

As for the type of vulnerabilities found, in 2019, a quarter (25.3%) of all the observed security flaws were code execution vulnerabilities. Cross-site scripting was the second most prevalent gremlin in the works at 17.7%, followed by buffer overflows at 13.9%, and then denial of service attacks at 10.2%.

The 20 year summary seems of little use in assessing security posture because that is such a long time in Software/Tech world. Tech companies change much quicker than that. I think Microsoft's turning point was after Windows XP which was riddled with ActiveX and other exploits. Things changed noticeably after the Service Pack three was released which introduced the Windows Firewall among other things.

The 2019 analysis is good and definitely more relevant. Microsoft is now one of the world's biggest security company if you go by how much they (and others) spend on security. Through, perhaps, an argument can be made that Linux gets more vulnerabilities because they are easier to spot in the source (which is open) and perhaps most of Windows vulnerabilities are primarily patched by MS themselves (or discovered by NSA who then sit on them until they themselves get hacked).

I am Windows 7 user,

Windows 10 is Crap,

Linux is better at least than Windows 10,

and Linux is more secure than Windows xp and 10, and even than 7

You can try Linux Mint or any other distro,

https://distrowatch.com/

Everything has vulnerabilities. One big thing to take into consideration is the more popular an OS is, the more likely its to be targeted.