News 

Richard Ford, a computer-science professor at the Florida Institute of Technology and Herbert Thompson, director of security research and training at Security Innovation, claim that Red Hat's Linux is vulnerable for more than twice as long as Windows.

Servers running Windows Server 2003 and Red Hat Enterprise Server 3 were tested for security with databases, scripting engines and Web servers.

They took into account the number and severity of vulnerabilities

However, the systems were set up in their most basic configuration - and Microsoft's Windows Server 2003 includes a range of features to help on the security front such as wizards that walk the admin through configuring the system for different workloads: web server, database and so on.

But with any system, security is something to be managed, rather than 'turned on' and forgotten. Red Hat's system can easily be configured for better security, and has launched Red Hat Enterprise Server 4 which incorporates a range of features from SELinux.

Red Hat also claims that it is not just the number of vulnerabilities that are important, but the criticality, and publishes figures showing that it rather than Microsoft comes out on top.

The researchers claimed they wanted to dispel the vehement and near-religious arguments as to the virtues of one system against another. No doubt both parties will use this to fuel the fires rather than stamp them out.