|Home » Industry Watch (» The Technological » Hall of Monkeys » Heroes Banquet)
The Zero Day Scorecard
Apple fell behind archrival Microsoft three years ago and still haven't caught back up.
LONDON (Rixstep) -- Apple's teasing commercials implying their software is safer than Microsoft's may not quite match the facts - this according to new research revealed at the Black Hat conference yesterday.
Researchers from the Swiss Federal Institute of Technology studied Apple's and Microsoft's responses to zero day vulnerabilities over the past six years. They chose 658 Microsoft alerts and 738 Apple alerts and both medium risk and high risk vulnerabilities.
Although Apple have a reputation for more secure products they lag behind in patching.
What About Before 2003?
Prior to late 2003 Apple didn't rush to fix zero day vulnerabilities at all.
'Apple had fewer vulnerabilities early on and they were surprised or not as ready or not as attentive', says Stefan Frei. And although Microsoft understandably have attempted to cultivate a closer relationship with the security community Apple have not.
As readers of this site can attest: overwhelmingly egregious vulnerabilities have in some cases stayed open not only past Day Zero but also Week Zero, Month Zero, and Year Zero. Contenders for the all time most systematically ignored vulnerabilities are amongst others the Opener Hole and the Oompa Loompa Hole.
Now it's the wide open iPhone with Microsoft type security - none at all save signed code components.
IDG News Service: Microsoft vs Apple - Who Patches 0-Days Faster?