October 10, 2012
Windows 7 Malware Infection Rates Climb, Still More Secure Than XP
Michael Harper for redOrbit.com — Your Universe Online
Microsoft released a new Security Intelligence Report (SIR) this week, revealing some very disturbing facts about their latest operating system and malware.
According to their own numbers, the rate of malware infections on Windows 7 machines increased by 182% this year alone. Once touted as the most secure Windows OS, Microsoft is now saying as more people migrate to their yet-to-be-released Windows 8, Windows 7 machines are becoming more vulnerable. Elsewhere in the report, despite Windows 7´s sharp increase in malware infections this year, it seems hackers still much prefer the 11-year old Windows XP.
Malware infections skyrocketed in the second quarter of 2012, with Windows 7 machines anywhere from 33% to 182% more vulnerable than Windows 7 machines in the same time frame in 2011. The release to manufacturing (RTM) version of Windows 7, or the version which was originally shipped in 2009 without any upgrades, also become more vulnerable to attack this year: The 32-bit edition was 33% more vulnerable while the 64-bit was 59% more vulnerable than in previous years.
What´s worse, Windows 7 Service Pack 1 (SP1), which shipped in February, was 172% more vulnerable (32-bit) and 182% more vulnerable (64-bit).
Microsoft has millions of reasons to explain why these malware infections have increased so dramatically in the last year: Namely, the users.
According to their data, those customers who are more likely to install the latest versions of the OS are also the most likely to stay current with security updates.
Therefore, says Microsoft in the report, now that the install base of Windows 7 has grown, those new users who aren´t on the cutting edge of technology are neglecting to stay up-to-date, thus affecting the overall numbers.
In an interview with Computerworld, Tim Rains, Microsoft´s Trustworthy Group director blames not only the users, but those who write the malware as well.
"There are several factors at play here. In XP, for example, we've seen infection rates go up because of particular pieces of malware that are more effective on that platform," said Rains. "[And] in different places in the world, [users'] ability to keep Windows up to date varies greatly."
Though Rains wanted to spread the blame to both attackers and victims, other security researchers agreed the main issue at hand was the large and recent adoption rates.
"Windows 7 has really been the first platform adopted by both enterprises and consumers, and that kind of adoption hasn't happened in quite some time for Microsoft," said director of security operations at nCircle Security, also speaking to Computerworld.
"Given the market movements, it's likely that the attackers follow."
Elsewhere in the report, Microsoft has discovered the most likely kind of dirty software to attack both the RTM and SP1 versions of Windows 7 belong to the Win32/Keygen family, especially “Miscellaneous Potentially Unwanted Software.”
Worms were the second most likely form of dirty software to attack the RTM version of Windows 7, with Dorkbot coming in at number 3. The Dorkbot worm is most often spread via social networking sites, often tricking users into clicking links by hacking into one users account and sending these dirty messages to the entire contacts list.
The most recent Microsoft SIR report also found the United States had the largest increase of malware detections over the last quarter, an increase of 32.6% over the same time last year.
Microsoft´s latest version of Windows, Windows 8, is slated for release on October 26th.