About Thawte

News

Zero-day exploit response time varies by OS

No operating system is invulnerable to malware, though the response time in which a threat is identified varies. Findings from Trustwave's 2013 Global Security Report show a significant disparity in the time it takes different software developers to patch zero-day vulnerabilities.

A table provided by ZDNet displaying Trustwave's findings show that the Linux kernel had the worst response time with an average of 857 days of time lapsed between initial vulnerability to patch - almost three years - followed by Microsoft Windows at 375 days.

In an interview with ZDNet, SpiderLabs' John Yeo thinks that the gap in time is related to the how open source Linux is distributed and developed. {a lot of Symantec's target audience comes from the open source community, so will want to rephrase this. I'd also paraphrase the quote and integrate it into this graph to avoid a specific Linux mention.}

"When you're talking about a vendor who is wholly and solely responsible for that particular product, it's somewhat easier for them to roll out a patch because it is very standardized, whereas you might have different components or modules within the Linux kernel and many different people from an open source perspective who might be responsible for putting together a fix” said Yeo.

There are also other variables to consider in light of Trustwave's findings, like the number of critical vulnerabilities (CVEs) found among OSes. The report identified the Linux kernel as being the lowest of the top three with 9 CVEs. In terms of zero-days found, Linux and Microsoft were both tied with 2.

Regardless of the operating system, increasingly sophisticated malware is difficult to spot and the proliferation of exploits stretches resources. Consider a Thawte SSL certificate to start protecting sensitive web data today.

corporate office

Thawte
The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +27 21 819 2200
Fax: +27 21 819 2950

Thawte is a leading global Certification Authority. Our SSL and code signing digital certificates are used globally to secure servers, provide data encryption, authenticate users, protect privacy and assure online identifies through stringent authentication and verification processes. Our SSL certificates include Wildcard SSL Certificates, SAN /UC Certificates, SGC SuperCerts and Extended Validation SSL Certificates.

What is an SSL Certificate Which SSL Certificate is Right for Me? Why Choose Thawte?