I'd like to know a bit more

You see, it occurs to me that the figures are roughly what I'd expect, given the sort of user of the respective operating systems and the age of the systems.

Think about it. Who's likely to be running 2k these days? 2003 Server? Probably people who have a clue...

Both have low vulnerability ratings... Could it possibly be that the users have set them up rather better than the XP/Vista users? Despite the fact that a 2k system has almost certainly been around longer than any of the others. And 2003 isn't exactly new, is it?

As for the Vista/XP difference. Could it possibly be that copies of XP will tend to have been running longer, with less than savvy users? Accumulating more vulnerabilities? I'm not popping at XP YOU, as an XP user either - I'm one too - but just look at the competence of your average XP user!

And copies of Vista simply not having been around as long, regardless of the competence of their users, simply not been running long enough to accumulate vulnerabilities?

And how about the vulnerabilities as a fresh install with default settings?

Or the level of security patch application?

OK, let's do a 'survey'. Comparing Apricots, Sardines, Fish fingers and Belt buckles... Comparing them measuring the same parameters. Taking no account of their use, age.... Um, get the idea?

99% of statistics a useless. 98% of statistics might as well be made up. The other 1% are lies.