Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

And the buggiest OS provider award goes to ... APPLE?

Count of 2014's flaws finds more nasties in Mac OS and iOS than in Windows or Linux

Apple's operating systems and Linux racked up more vulnerability reports than Windows during 2014, according to research from security outfit GFI.

Cupertino's OS X and iOS platforms topped the 2014 bug charts with 147 and 127 holes disclosed in each, nudging out the Linux Kernel with 119 flagged flaws, the National Vulnerability database statistics show.

Apple also has the most high-risk holes with 64 reported in OS X, and is just nudged out by Linux in the medium-severity stakes which clocked 74 flaws to iOS' 72.

Windows platforms were far behind with 68 total reported bugs and 20 medium-severity flaws reported. Surveyed Windows releases included Windows 8, 8.1, 7, Vista, and RT, along with Server 2012 and 2008. All had between 30 and 38 vulnerabilities.

Crucially, up to 80 percent of the reported bugs concerned third party applications, and only 13 percent related to the operating systems in question.

Stats tallier and hacker Cristian Florian says he grouped the various Linux flavours into single categories because it was difficult to parse affected distributions as the kernel can be independently upgraded. Here's how he explains himself:

“The operating systems are different and it is hard to group them in a way that everybody agrees with. For example, unlike Windows, the Linux Kernel can be upgraded independently of the rest of the operating system; therefore it is hard to link Linux Kernel vulnerabilities to a specific Linux distribution or Linux distribution version. This is why Linux vulnerabilities are grouped under Linux Kernel as a separate product and then there are the specific vulnerabilities for each Linux distribution. The reason why only Linux Kernel and Apple OS X are listed at the top is because the number of vulnerabilities that specifically apply to other Linux distributions (like Red Hat, Debian, etc.) is lower than the number of vulnerabilities that apply to the operating systems already listed.

Florian says the total pool of reported vulnerabilities rose by 2,244, up almost 50 percent on the previous year, GFI says.

That bumper year was tough on Linux which endured some of 2014's most critical security issues including Heartbleed and ShellShock that impact Linux apps.

Microsoft's good run ends when one counts browser bugs. Internet Explorer threw up 242 bug reportes, ahead of Google Chrome's 124 flaws, and Mozilla Firefox's 117.

The don't-try-this-at-home surf tool also blew away the competition with 220 high severity holes reported to the Choc Factory's 86, and Fox's 57.

Safari came in with 70 total reported holes of which only three were high-severity.

The statistics do not place one operating system above another in the security stakes, or suggest that Windows is more secure than Linux, but merely indicate the attention paid to bug discovery and subsequent reporting. ®

Similar topics

TIP US OFF

Send us news


Other stories you might like