Microsoft is giving itself high marks in its first year Vista security report, at least when comparing the OS’s first year vulnerability and patch statistics to its Windows OS predecessor and other modern workstation operating systems, such as Red Hat, Ubuntu, and Apple’s Mac OS.
The report has been criticized for not taking into account factors like software quality, administrative controls, physical controls, or just how damaging each exploit can be. Microsoft’s Jeff Jones notes, however, that the report is not an attempt to prove which operating system is “more secure” than the others, but rather an analysis on how Microsoft’s improvements to the security update process and development process have reduced the impact of security updates to Windows administrators significantly compared to its predecessor, Windows XP.
That said, Vista still has a relatively small user base (compared to XP) and despite Microsoft and a number of security labs' best efforts, real world usage still seems better at finding bugs. Whether or not Vista is more secure will be determined overtime.