Windows 10 isn’t the most vulnerable operating system – it’s actually Linux

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
Surprising reports paints Linux and Android as less secure than Windows


Which operating system has suffered the most vulnerabilities since around the turn of the millennium? That would be Linux, not Microsoft’s Windows, at least according to a freshly released report.

An analysis of the National Institute of Standards and Technology’s National Vulnerability Database, compiled by Thebestvpn.com, tracked ‘technical vulnerabilities’ in popular pieces of software between 1999 and 2019.

And Debian, a flavor of Linux, was top of the table with 3,067 vulnerabilities over the last two decades. Reasonably close behind was Android on 2,563 vulnerabilities, with the Linux kernel in third place having racked up a count of 2,357. Apple’s macOS was only slightly behind that with 2,212, with Ubuntu in fifth place on 2,007.

All of the top five places were taken by operating systems, although Firefox and Chrome filled the next two positions with 1,873 and 1,858 vulnerabilities respectively.

As for Microsoft’s operating systems, Windows 7 bore 1,283 vulnerabilities, and Windows 10 carried 1,111. If you add those together, you get a total of 2,394 for the past decade, roughly – given that Windows 7 came out in 2009, and handed the baton to Windows 10 in 2015.

Read more here





 

ChoiceVoice

Level 6
Verified
Oct 10, 2014
280
i have wondered about this in the past. my friend deleted a ton of system files and killed windows dead on her laptop. anyhow, she wanted linux on it now instead. but it wouldn't take linux unless i modified several security features in the bios or something. apparently, as i researched it, those were to stop kernel-level rootkits or something, but they also prevented the installation of other operating systems. basically, they had to be deactivated for linux to be installed. all the other computers i've put linux on didn't have this. but her's did. essentially, i had to make her laptop less secure to run linux.

the article is a bit sketchy on details on the linux stats though. those details are likely important, particularly in statistics, so we can see specifically what is being compared with what (only a passing reference to debian). and kinda amusing, but in search of that missing detail, i clicked the report compiler's site link (" compiled by Thebestvpn."), and my yandex browser flagged that site as a security threat, lol. so maybe not the most reputable? dunno. but interesting :)
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Every operating system complex enough to serve modern needs has as many holes as swiss cheese. But that doesn't mean that in real life, the user is at high risk. It all depends whether those holes are actively exploited, and whether the user is targeted. Linux is security by obscurity, meaning that since home users of linux systems are not targeted by malware peddlers to a significant extent, they are relatively safe.
 
F

ForgottenSeer 85179

Number's of fixed vulnerabilities doesn't mean anything but Linux is more insecure then Windows. Linux lack important security stuff which Windows use for years.
I read that Linux even miss stuff like ASLR which is ridiculous if it's true.

Also I highly recommend reading this:
 
  • Like
Reactions: oldschool

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Linux was only really thought to be the safest because it owns like 2-10% of the pc market while Windows owns about 50-70% of the market.
Right. The real numbers of linux home users are extremely low. Surely not even near 10%.
The standard malware techniques of weaponized documents and powershell scripts will not run on linux systems. It simply does not make financial sense to target linux home users.
 

TairikuOkami

Level 35
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,452
The real numbers of linux home users are extremely low. Surely not even near 10%.
9 of 10 linux users go to IoT devices and they are actively being hacked, but it does not make the news so much, because no real users are affected.

 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
9 of 10 linux users go to IoT devices and they are actively being hacked, but it does not make the news so much, because no real users are affected.

What's the deal with hacking IoT devices? Someone wants to turn on the lights in my living room against my will, or what?
 

monkeylove

Level 10
Verified
Well-known
Mar 9, 2014
489
One might also consider the points that operating systems are generally vulnerable but such isn't known unless malware creators discover and exploit them, that malware creators will focus more on popular operating systems because those gives them higher returns, and that those systems that are attacked are patched, which might make them safer.
 

Bonorex

Level 1
Jun 12, 2020
39
What a stupid comparison in this article. They are comparing 20 years of Debian vulnerabilities (1999 - 2019) to only 4 years of Windows 10 vulnerabilities (2015 - 2019). If we calculate the number of vulnerabilities per year, then anybody can see how many new vulnerabilities are discoeverd each year for each operating system:
Windows 10 (2015-2019): 1111/4 = 278 vulnerabilities/year
Windows 7 (2009-2015): 1283/6 =214 vulnerab./year
Debian (1999-2019): 3067/20 = 153 vulnerabilities/year

So, even Windows 7 has less vulnerabilities/year than Win10.
A totally useless and misleading article. If the author wants to compare the number of Windows/Debian vulnerabilities since the turn of the millennium, than vulnerabilities of windows 98 and XP (or Vista) should be added to the statistics, to cover the years from 1999 to 2009.
Beside that, I don't think that the number of vulnerabilities is the most important parameter, when it comes to security. Their severity should also play a role in deciding which software is the most secure
 

monkeylove

Level 10
Verified
Well-known
Mar 9, 2014
489
What a stupid comparison in this article. They are comparing 20 years of Debian vulnerabilities (1999 - 2019) to only 4 years of Windows 10 vulnerabilities (2015 - 2019). If we calculate the number of vulnerabilities per year, then anybody can see how many new vulnerabilities are discoeverd each year for each operating system:
Windows 10 (2015-2019): 1111/4 = 278 vulnerabilities/year
Windows 7 (2009-2015): 1283/6 =214 vulnerab./year
Debian (1999-2019): 3067/20 = 153 vulnerabilities/year

So, even Windows 7 has less vulnerabilities/year than Windows 10.
A totally useless and misleading article. If the author wants to compare the number of Windows/Debian vulnerabilities since the turn of the millennium, than vulnerabilities of windows 98 and XP (or Vista) should be added to the statistics, to cover the years from 1999 to 2009.
Beside that, I don't think that the number of vulnerabilities is the most important parameter, when it comes to security. Their severity should also play a role in deciding which software is the most secure

That and more were mentioned in the article (even the point that Debian has been around since 1993), which is why the writer stated that "no users should be complacent, no matter how secure they believe any particular product might be."
 

Thales

Level 15
Verified
Top Poster
Well-known
Nov 26, 2017
708
This article is ridiculous.
Linux get updates and fixes very often because a very good and large community is behind linux. Sometimes they fix issues within hours. That's how linux works.
What about Windows? sometimes we have to wait weeks or months for updates.
 
F

ForgottenSeer 85179

This article is ridiculous.
Linux get updates and fixes very often because a very good and large community is behind linux. Sometimes they fix issues within hours. That's how linux works.
What about Windows? sometimes we have to wait weeks or months for updates.
That's not fully true. Even 15 years later security bugs are still open.

Also the large community destroy itself with too many distris, too much hate to other distris and lack of maintaining these.

Windows has much more user's and monthly updates are totally fine. Android does the same but Windows also fix important problems at fast as possible instead of monthly but this is rare.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Thankfully for linux users, linux has failed miserably in its attempt to woo the general public. If a billion people were using it, we would need all sorts of security measures that would waste our time and energy, and degrade the general experience of freedom that you usually have in linux.
 

SeriousHoax

Level 47
Well-known
Mar 16, 2019
3,630
Thankfully for linux users, linux has failed miserably in its attempt to woo the general public. If a billion people were using it, we would need all sorts of security measures that would waste our time and energy, and degrade the general experience of freedom that you usually have in linux.
This is correct. No matter which article says what, for an average user Linux is far more secure than Windows. You can't run FreeDownloadRam.exe in Linux 😄
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top