===== CVE Microsoft Windows vs GNU/Linux ===== This little article try to make a honest comparation between vulnerabilities founded in CVE database about Microsoft Windows and GNU/Linux, is not useful but fun. I take the stadistics of Windows 7, 8, 8.1 and 10, with Linux I used only the data from 2009 to 2017. Why? because the older record of Windows 7 is from the same year. ==== Resume ==== Total of Windows 3051 Total of Linux 1369 Despite GNU/Linux is the winner… is less used than Microsoft Windows =(… === Update 1 === I want try to eliminate the factor of utilization… * Use space data NETMARKETSHARE affirm that Mac OS X have a 6.25% vs GNU/Linux 2.09% vs Microsoft Windows 91.66%. I get data about BSD ([[:freebsd|FreeBSD]] or [[:openbsd|OpenBSD]]), the usage statistics is 0.14%. Who uses BSD to browse the web? * Commercial usage To be more objetive, HG Data have data about utilization of this operating systems on enteprises. 146,216 companies affirm that use Windows 7, 8 and 10, 1,627 [[:openbsd|OpenBSD]], 29,930 [[:freebsd|FreeBSD]], 42,028 Mac OS X and 336,651 GNU/Linux. Surprise!!! OK, the new numbers: Total of Windows 3051 Total of Linux 1369 Total of Mac OS X 1313 Total [[:freebsd|FreeBSD]] 88 Total [[:openbsd|OpenBSD]] 57 The winner? If you compare the amount of people that use Windows vs the amount of security issues and related, you want to use Windows, based in the same, you don't want to use Mac OS X =$, but if you want to use an operating system that nobody wants make virus, [[:openbsd|OpenBSD]] is the winner. GNU/Linux have a lot of utilization on companies with less security issues and related compared with Microsoft Windows. Make you choice! ==== Details in tables ==== |Year|# of Vulnerabilities|[[:dos|DoS]]|Code Execution|Overflow|Memory Corruption|Sql Injection|XSS|Directory Traversal|Http Response Splitting|Bypass something|Gain Information|Gain Privileges|CSRF|File Inclusion|# of exploits|Windows 10| |2015|53|4|17|3|6| | | | |10|4|26| | | |Windows 10| |2016|172|6|47|23|7| | | | |19|31|82| | | |Windows 10| |2017|68|17|13|4|1| |1| | |3|16|15| | | |Windows 10| |Total|293|27|77|30|14| |1| | |32|51|123| | | |Windows 10| | | | | | | | | | | | | | | | | | | |2013|7|4|4|3|2| | | | | | |1| | | |Windows 8.1| |2014|38|8|13|5|4| | | | |5|5|12| | |4|Windows 8.1| |2015|151|14|47|11|9| | |1| |30|25|59| | |1|Windows 8.1| |2016|154|5|45|20|7| | | | |16|26|75| | | |Windows 8.1| |2017|56|13|11|4|1| |1| | |1|16|11| | | |Windows 8.1| |Total|406|44|120|43|23| |1|1| |52|72|158| | |5|Windows 8.1| | | | | | | | | | | | | | | | | | | |2012|5| |3|2| | | | | | | |2| | | |Windows 8| |2013|58|17|18|21|6| | |1| |2|3|25| | |4|Windows 8| |2014|38|8|12|5|3| | | | |5|5|12| | |4|Windows 8| |2015|146|12|46|10|9| | |1| |27|24|58| | |1|Windows 8| |2016|7| |3|1| | | | | |1|1|5| | | |Windows 8| |2017|1|1| | | | | | | | | | | | | |Windows 8| |Total|255|38|82|39|18| | |2| |35|33|102| | |9|Windows 8| | | | | | | | | | | | | | | | | | | |2009|15|3|10|2|6| | | | | | | | | |1|Windows 7| |2010|64|16|29|15|9| |1| | |2|1|22| | |4|Windows 7| |2011|102|14|18|9|8| |2| | |4|2|65| | |3|Windows 7| |2012|44|4|14|6| | | | | |2|3|22| | | |Windows 7| |2013|99|16|18|24|6| | |1| |3|2|67| | |4|Windows 7| |2014|36|6|12|5|3| | | | |6|5|12| | |4|Windows 7| |2015|147|11|52|12|9| | |1| |24|24|60| | |1|Windows 7| |2016|134|4|39|18|6| | | | |11|20|71| | | |Windows 7| |2017|67|7|15|11|1| |1| | |2|33|10|1| | |Windows 7| |Total|708|81|207|102|48| |4|2| |54|90|329|1| |17|Windows 7| |Total Windows|1662| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |2009|105|66|2|22|7| | | | |8|11|22| | |4|Linux| |2010|124|67|3|16|7| | | | |8|30|14| | |5|Linux| |2011|83|62|1|21|10| | | | |1|21|9| | |1|Linux| |2012|115|83|4|25|10| | | | |6|19|11| | | |Linux| |2013|189|101|6|41|13| | | | |11|57|26| | |7|Linux| |2014|133|89|8|21|10| | | | |11|30|20| | |10|Linux| |2015|86|55|6|15|4| | | | |11|10|17| | | |Linux| |2016|217|153|5|38|18| | | | |12|35|52| | |1|Linux| |2017|317|68|164|25|14| | | | |6|67|23| | | |Linux| |Total Linux|1369| | | | | | | | | | | | | | | | |Year|# of Vulnerabilities|[[:dos|DoS]]|Code Execution|Overflow|Memory Corruption|Sql Injection|XSS|Directory Traversal|Http Response Splitting|Bypass something|Gain Information|Gain Privileges|CSRF|File Inclusion|# of exploits| | |2009|81|44|43|30|13| |3| |1|4|5|7| | |6|Mac OS X| |2010|97|56|52|42|15| |3|3| |9|5|3|1| | |Mac OS X| |2011|74|35|36|29|9| |1| | |8|8|2| | | |Mac OS X| |2012|37|21|20|13|4| | | | |1|6|2| | | |Mac OS X| |2013|72|30|15|13|4| | | | |15|15| | | | |Mac OS X| |2014|151|55|74|43|20| | | | |25|24|6| | |1|Mac OS X| |2015|444|225|180|184|146| |2|1| |53|61|63|1| |3|Mac OS X| |2016|215|149|109|114|96| |1| | |6|40|21| | | |Mac OS X| |2017|142|90|78|57|50| |1| | |6|22|9| | | |Mac OS X| |Total Mac OS X|1313| | | | | | | | | | | | | | | | |Year|# of Vulnerabilities|[[:dos|DoS]]|Code Execution|Overflow|Memory Corruption|Sql Injection|XSS|Directory Traversal|Http Response Splitting|Bypass something|Gain Information|Gain Privileges|CSRF|File Inclusion|# of exploits| |2009|11|3|2|3|1| | | | |2|1|3| | |2| |2010|8|4|2| | | | | | | |1|2| | |3| |2011|10|4|2|3| | | |2| |1|1|2| | |2| |2012|10|6|2|6| | | | | | | |1| | |1| |2013|13|4|1|2|1| | | | |4|5|3| | | | |2014|18|13|2|6| | | | | | |5| | | | | |2015|6|4|1|2| | | | | | |1|2| | | | |2016|6|6| |4| | | | | | |1|2| | | | |2017|6|1| |1| | | | | |1|1|4| | | | |Total [[:freebsd|FreeBSD]]|88| | | | | | | | | | | | | | | |Year|# of Vulnerabilities|[[:dos|DoS]]|Code Execution|Overflow|Memory Corruption|Sql Injection|XSS|Directory Traversal|Http Response Splitting|Bypass something|Gain Information|Gain Privileges|CSRF|File Inclusion|# of exploits| |2009|6|5|1|2| | | | | | | |1| | |3| |2010|1| | | | | | | | |1| | | | | | |2011|7|4|1|2| | | | | | | | | | | | |2012|2|1| | | | | | | | |1| | | | | |2013|2|1| | | | | | | |1| | | | | | |2014|8|4| |1|1| | | | |2|1| | | | | |2015|5|2| | | | | | | |1| |1| | | | |2016|7|4| |2| | | | | |1|1|1| | | | |2017|19|10|2|3| | | | | | |2|2| | | | |Total [[:openbsd|OpenBSD]]|57| | | | | | | | | | | | | | | |Year|# of Vulnerabilities|[[:dos|DoS]]|Code Execution|Overflow|Memory Corruption|Sql Injection|XSS|Directory Traversal|Http Response Splitting|Bypass something|Gain Information|Gain Privileges|CSRF|File Inclusion|# of exploits| | | |2009|78|8|47|15|14| | | | |2|2|13| | |1|Windows Server 2008| | |2010|91|25|37|16|14| |1| | |5|3|26| | |5|Windows Server 2008| | |2011|105|18|17|11|10| |4| | |3|2|66| | |2|Windows Server 2008| | |2012|50|5|15|6| | | | | |3|3|24| | | |Windows Server 2008| | |2013|103|18|22|24|7| | |1| |2|2|66| | |5|Windows Server 2008| | |2014|38|9|12|5|3| | | | |7|4|12| | |4|Windows Server 2008| | |2015|150|12|54|15|11| |1|1| |24|23|60| | |1|Windows Server 2008| | |2016|133|7|36|17|6| | | | |11|19|72| | | |Windows Server 2008| | |2017|77|10|19|12|2| |1| | |2|35|11|1| | |Windows Server 2008| | |2012|5| |2|2| | | | | |1| |2| | | |Windows Server 2012| | |2013|51|12|17|17|3| | |1| |2|2|21| | |4|Windows Server 2012| | |2014|38|9|11|5|3| | | | |6|5|12| | |4|Windows Server 2012| | |2015|155|16|46|11|9| | |1| |31|26|60| | |1|Windows Server 2012| | |2016|156|8|42|19|7| | | | |16|28|76| | | |Windows Server 2012| | |2017|62|14|12|6|2| |1| | |2|17|12| | | |Windows Server 2012| | |2016|39|1|7|12|2| | | | |3|6|23| | | |Windows Server 2016| | |2017|58|17|12|3|2| |1| | |3|13|9| | | |Windows Server 2016| | |Total Windows Server|1389| | | | | | | | | | | | | | | | | ==== References ==== * [[http://www.cvedetails.com/product/47/Linux-Linux-Kernel.html?vendor_id=33|http://www.cvedetails.com/product/47/Linux-Linux-Kernel.html?vendor_id=33]] * [[http://www.cvedetails.com/product/17153/Microsoft-Windows-7.html?vendor_id=26|http://www.cvedetails.com/product/17153/Microsoft-Windows-7.html?vendor_id=26]] * [[http://www.cvedetails.com/product/22318/Microsoft-Windows-8.html?vendor_id=26|http://www.cvedetails.com/product/22318/Microsoft-Windows-8.html?vendor_id=26]] * [[http://www.cvedetails.com/product/26434/Microsoft-Windows-8.1.html?vendor_id=26|http://www.cvedetails.com/product/26434/Microsoft-Windows-8.1.html?vendor_id=26]] * [[http://www.cvedetails.com/product/32238/Microsoft-Windows-10.html?vendor_id=26|http://www.cvedetails.com/product/32238/Microsoft-Windows-10.html?vendor_id=26]] * [[http://www.cvedetails.com/product/11366/Microsoft-Windows-Server-2008.html?vendor_id=26|http://www.cvedetails.com/product/11366/Microsoft-Windows-Server-2008.html?vendor_id=26]] * [[http://www.cvedetails.com/product/23546/Microsoft-Windows-Server-2012.html?vendor_id=26|http://www.cvedetails.com/product/23546/Microsoft-Windows-Server-2012.html?vendor_id=26]] * [[http://www.cvedetails.com/product/34965/Microsoft-Windows-Server-2016.html?vendor_id=26|http://www.cvedetails.com/product/34965/Microsoft-Windows-Server-2016.html?vendor_id=26]] * [[http://www.cvedetails.com/product/156/Apple-Mac-Os-X.html?vendor_id=49|http://www.cvedetails.com/product/156/Apple-Mac-Os-X.html?vendor_id=49]] * [[https://www.netmarketshare.com/operating-system-market-share.aspx?qprid=8&qpcustomd=0|https://www.netmarketshare.com/operating-system-market-share.aspx?qprid=8&qpcustomd=0]] * [[https://w3techs.com/technologies/details/os-freebsd/all/all|https://w3techs.com/technologies/details/os-freebsd/all/all]] * [[http://www.cvedetails.com/vendor/6/Freebsd.html|http://www.cvedetails.com/vendor/6/Freebsd.html]] * [[https://discovery.hgdata.com/product/windows-7|https://discovery.hgdata.com/product/windows-7]] * [[https://discovery.hgdata.com/product/windows-8|https://discovery.hgdata.com/product/windows-8]] * [[https://discovery.hgdata.com/product/windows-10|https://discovery.hgdata.com/product/windows-10]] * [[https://discovery.hgdata.com/product/openbsd|https://discovery.hgdata.com/product/openbsd]] * [[https://discovery.hgdata.com/product/freebsd|https://discovery.hgdata.com/product/freebsd]] * [[https://discovery.hgdata.com/product/mac-os|https://discovery.hgdata.com/product/mac-os]] * [[https://discovery.hgdata.com/product/linux|https://discovery.hgdata.com/product/linux]] \\