Disclosure: Jesper is a friend and ex-colleague (former Microsoftie - of course, so is Window Snyder and Eric Schultze...)
Infoworld took a look at my recent Vista One Year Vulnerability Report and went to Eric Schultze of Shavlik Technologies. Mr. Schultze raised some concerns which Jesper Johansson distilled down to several hypotheses and decided to test them:
1. 64-bit Vista had fewer security vulnerabilities than 32-bit Vista
2. Windows Vista had more security vulnerabilities than Windows XP
3. Windows Vista's security vulnerabilities were more severe than those from Windows XP
4. Windows Vista had the same number of security updating events as Windows XP
Additionally, Jesper anticipated some other questions that might arise and added to further hypothese of his own to test:
5. Users who only use Firefox had fewer security patching events than those who use IE
6. Users who only use Firefox were subject to fewer vulnerabilities that those who use IE
If you are interested in the answer to these questions, you may want to read Jesper's findings, Do Vista Users Need Fewer Security Patches Than XP Users? and download his spreadsheet to see if he affirms the 6 hypotheses or find them to be false.
