I have just published an article about Vulnerabily Engineering in Wintercore’s blog (spanish version in 48bits.com). It focuses in applying Software Engineering metrics to the world of Vulnerability Research which can give us an idea about how Reliable a Software Product is.
In this article I analyze five applications Microsoft’s Explorer, Sun’s Java JRE, Apple’s QuickTime, HP NodeManager and Adobe Reader. The conclusion I formulated after writing the article was that the reliability of Software Product is too low to be even bad.
QuickTime’s users are 99% of the time exposed to at least one unfixed vulnerability, which I think should ban this products for almost all computers.
I hope you enjoy the article.