In some mail from Matthew Murphy, sie said: > > Even though MS, by the time you factor in the large number of components > they ship, has had many times fewer patch releases than competing Linux > distributions? > > 1. OpenSSH v. Remote Desktop / Terminal Services > OpenSSH: Two vulnerabilities in recent weeks > RD/Terminal Services: Zero vulnerabilities this year
But according to openbsd's web page, the "two vulnerabilities" are not remotely exploitable (at least on their platform) so what exactly are you counting here? > 2. Sendmail v. Exchange > As buggy as many people claim Exchange is, it has had two patches this > year -- if you include OWA. Even though it provides substantially larger > amounts of functionality for some uses, it has still had fewer > vulnerabilities than its main competitor, Sendmail. sendmail dates back to a time when defensive programming wasn't considered as important as it is today and as such is at a considerable disadvantage in many ways to more modern mail software programs such as Exchange or postfix or qmail when compared in this manner. Darren _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
