http://msinfluentials.com/blogs/jesper/archive/2008/01/24/do-vista-users-need-fewer-patches-than-xp-users.aspxOn January 23, Jeff Jones, Director of Security at Microsoft, published his &quot;One Year Vulnerability Report&quot; for Windows Vista. In the report, he analyzed whether Windows Vista had fewer vulnerabilities in its first year than it&#39;s predecessorenCommunityServer 2008.5 SP2 (Build: 40407.4157)http://msinfluentials.com/blogs/jesper/archive/2008/01/24/do-vista-users-need-fewer-patches-than-xp-users.aspx#7426Tue, 12 Feb 2008 06:28:46 GMT91db4bc3-5a69-4a9f-94bf-eedb569902ab:7426Wayne Anderson<p>I love the line about patching end users vs patching the operating system. &nbsp;While an updated operating system which is developed using an attempt at secure programming practices could possibly provide fewer attack vectors than previous versions of that product, I think it important to always note that this is much like discussions about precision rifles or precision art tools, if you like.</p> <p>The tools are often far more accurate/secure/faster than the folks who make use of them. &nbsp;In such cases, an organization will be well served by a good WSUS infrastructure and coherent patching practies but may be better served by strong policy and recurring user education.</p> <div style="clear:both;"></div><img src="http://msinfluentials.com/aggbug.aspx?PostID=7426" width="1" height="1">http://msinfluentials.com/blogs/jesper/archive/2008/01/24/do-vista-users-need-fewer-patches-than-xp-users.aspx#7390Fri, 01 Feb 2008 23:04:49 GMT91db4bc3-5a69-4a9f-94bf-eedb569902ab:7390werder<p>I think time will solve all these problems. We have been using WinXP for about 5-6 years and Vista for only 1 year. Besides there may still exist many unknown vulnerabilities which are not discovered yet. That is why it does not make any sense comparing Vista to XP. </p> <div style="clear:both;"></div><img src="http://msinfluentials.com/aggbug.aspx?PostID=7390" width="1" height="1">http://msinfluentials.com/blogs/jesper/archive/2008/01/24/do-vista-users-need-fewer-patches-than-xp-users.aspx#7382Wed, 30 Jan 2008 07:54:10 GMT91db4bc3-5a69-4a9f-94bf-eedb569902ab:7382Zorgon3<p>You also need to analyze the number of users for Vista in its first year vs XP users in the first year. &nbsp;Seeing as Vista is widely and correctly regarded as a &quot;debacle&quot;, the number of security attacks would be proportionally lower as well. </p> <div style="clear:both;"></div><img src="http://msinfluentials.com/aggbug.aspx?PostID=7382" width="1" height="1">http://msinfluentials.com/blogs/jesper/archive/2008/01/24/do-vista-users-need-fewer-patches-than-xp-users.aspx#7373Tue, 29 Jan 2008 02:26:38 GMT91db4bc3-5a69-4a9f-94bf-eedb569902ab:7373Rod Taylor<p>Jesper, you&#39;ve proven to me again why you and Steve Riley are way up the top of my list of people I trust to discuss security issues wrt Windows. As an IT Manager, you answered the *exact* question I was asking after reading the original report - how do XP SP2 and Vista compare over the last 12 months re patching? The original report was pretty much useless. Who cares how a product performed 6 years ago compared to how a new product performed this year?</p> <p>Great work and it&#39;s a shame we don&#39;t get to see you at TechEd Australia any more. </p> <div style="clear:both;"></div><img src="http://msinfluentials.com/aggbug.aspx?PostID=7373" width="1" height="1">