Microsoft's top security honcho insisted Thursday that Microsoft "is making progress on security using any reasonable metric."
Mike Nash, the company's chief security executive, made the comment during an online chat session just days after Microsoft rolled out its biggest bunch of Windows patches since April 2004.
Nash staunchly defended the Redmond, Wash.-based developer's progress, and compared Windows' flaws with those in open-source Linux operating systems from Red Hat and Novell's SuSE.
"Even with the relatively large number of bulletins we released this week, we compare favorably," he said. "Year-to-date for 2005, Microsoft has fixed 15 vulnerabilities affecting Windows Server 2003. In the same time period, for just this year, Red Hat Enterprise Linux 3 users have had to patch 34 vulnerabilities and SuSE Enterprise Linux 9 users have had to patch over 78 vulnerabilities."
Nash also said that the number of patches shouldn't be the only criteria users apply to tell if Microsoft's doing its job. "Note that this is just one measure, and doesn't take into consideration all of the other progress we're making, with security guidance for customers, improving security manageability and introducing innovative security solutions and technologies," he said.