Stefan Frei and Bernard Tellenbach of the Computer Engineering and Networks Laboratory (TIK) at the Swiss Federal Institute of Technology, analysed several years of vulnerability disclosures and patching processes from various vendors.

They found that Apple is getting worse at dealing with security problems while Microsoft is improving. Apple is experiencing more vulnerabilities, longer patching times, and more attacks on unpatched vulnerabilities, according to the duo.

Frei and Tellenback presented their findings at a presentation entitled 0-day Patch – Exposing Vendors (In)Security Performance at last week's Black Hat conference in Amsterdam.

The Register - John Leyden March 31, 2008

Resources