Anyone who tracks security vulnerability reports knows of the ridiculous amount that reference holes in Linux. For whatever reason this is never talked about and Linux gets this magic aura of invulnerability. Part of the confusion lies with the complexity of the open source Linux model that separates Linux "Distributions" from Linux "Kernel" vulnerabilities. Now if you start looking into and adding up Linux "Distribution" vulnerabilities that can take you into the hundreds upon hundreds of security holes that are never talked about. To simplify things I took the latest Linux Kernel v2.6.x and compared it to Windows XP. This is more than a fair comparison for the shocking results to follow.
As with Firefox, Linux vulnerabilities are frequently lumped together in single advisories misleading the true vulnerability count:
Windows XP -170 Advisories = 213 Vulnerabilities.
Linux Kernel v2.6.x - 108 Advisories = 231 Vulnerabilities.
Even with open source advocates finally admitting that Linux is insecure they still try to claim it is more secure than Windows. Too bad this is now proven to be another myth.
Windows XP is more secure than Linux and sexier ;)