When simply counting numbers, it makes no distinction between "wide open, gaping hole that lets a remote user take over your entire machine" and "may be able to read private data if the attacker has already gained access to the machine". But those are radically different security threats.
Oh, and this is a laugher, too:
The primary vulnerabilities on PCs are not due to Microsoft programs, but rather third-party programsBut those third party programs are exposing holes in the underlying OS protection. Besides, it also fails to note that most Mac "vulnerabilities" are due to the third-party BSD Unix system that Mac OS X is built on, many of which's utilities are rarely, if ever, used by most desktop users.
Safari is 3rd party? I thought Apple created Safari For three years in a row Safari has led to OSX being the first machine hacked in the pawn2own contest. I guess if that's 3rd party IE must be 3rd party for windows as well.
Exactly. The report from Secunia points this out explicitly with the following comment:
The above graph is not an indication of the individual vendors security, as it is not possible to compare the vendors based on number of vulnerabilities alone. To assess the performance of vendors in terms of vulnerabilities one should rather look at the changes in the type of vulnerabilities, code quality, handling of vulnerability reports, ability to update users, quality of patches, ability to communicate to end users, number of products, complexity of product portfolio, and other factors which cannot be read out of mere aggregate numbers.Simply quoting raw numbers measuring one narrow graph is meaningless. It is necessary to take all the rest of those factors into consideration.
I'd agree in general; however, Apple released a patch just a few weeks ago that contained something like 35 arbitrary code execution vulnerabilities in their Safari browser. ACE holes are particularly nasty, as the hacker can end up doing anything they want. And with those holes being in Safari, it means simply browsing to a website could compromise your entire system.