"For example, Firefox is categorized as a Unix/Linux operating-system flaw, but it runs just as well on a Windows platform. Apache and PHP also run just as well on both platforms. There are methodological flaws in the statistics," he said.
Steven Christey, an editor for Common Vulnerabilities and Exposures, claims that the statistics used in the study were no basis for comparison of the relative security of Windows and Linux/Unix. This, he says, is because they had been collected from different sources with different criteria for the collection of flaws.