According to the United States Computer Emergency Readiness Team (US-Cert) 2005 year-end index, Unix/Linux racked up more reports of vulnerabilities compared to Windows.
Security professionals, however, argue that the numbers alone don't tell the full story, and that a properly configured Unix/Linux server is likely more secure than a Windows server.
US-CERT's year-end compilation found 5198 reported vulnerabilities in 2005. Of that number, 2328 of them were for Unix/Linux (45 percent), 2058 were multiple operating system vulnerabilities (40 percent), and 801 were for Windows (15 percent).
Panda Software CTO Patrick Hinojosa said he doesn't think the raw numbers tell the whole story. "*nix vulnerabilities cover a wide range of actual OS's and that would tend to mitigate the ability to exploit these," Hinojosa told internetnews.com. "In addition, when I examined the vulnerabilities listed, the ones in Windows are probably more problematic given that the given Windows user is going to be much less security aware that the typical *nix user," he said. "Considering all factors, I would feel more confident in a Unix server that is locked down than in a Windows server."