"I think XP even had one or two months with fixes dropped [there were no XP bulletins released in January 2002], so reducing the number of months with fixes from like 13 to 10 would be great for organizations."

Oliver Friedrichs, director of security response, Symantec Corp.

"It's just too early to tell. Certainly, just as with XP SP2, some of the improvements in Vista will make an improvement in the number of security vulnerabilities and the [in]ability of attackers to exploit them. But the volume of new code in Vista makes it hard to predict what we'll see.

"I am sure, though, that hackers are already hammering away at the OS. I don't expect it to be bug free.

"What we need to remember, however, is that over the last decade, relatively few of the vulnerabilities released had been leveraged by attackers. The rest are largely irrelevant. So if those 15 are critical vulnerabilities, things may not be any different than with XP.