Share via

Windows Vista and Malware

  • Article

Hi, Austin Wilson here. Recently there have been some questions raised about the susceptibility of Windows Vista to malware – specifically, that it’s more susceptible to malware than Windows 2000. I’d like to show why we reject that claim. We study the malware space very carefully and publish our results twice a year in the Security Intelligence Report. This report is compiled from statistics on malware infections based on over 450 million executions of the Malicious Software Removal Tool (MSRT) every month. Microsoft is a member of AMTSO (Anti Malware Testing Standards Organization) and its charter includes defining test methodology so that there is a minimum quality bar to all testing of this type.

Our results published in the April 2008 version of the Security Intelligence Report show that Windows Vista is significantly less susceptible to malware than older operating systems. In fact, from June – December 2007, using proportionate numbers, the MSRT found and cleaned malware from 60.5% fewer Windows Vista-based computers than from computers running Windows XP with Service Pack 2 installed. How about Windows 2000? Using proportionate numbers, MSRT found and cleaned malware from 44% fewer Windows Vista-based computers than Windows 2000 SP4 computers and 77% fewer than from computers running Windows 2000 SP3. Note that the Windows 2000 numbers include both Windows 2000 client AND server versions, while the Windows XP numbers of course are only clients. Servers tend to be less likely to get infected with malware as many of them are in data centers and aren’t used for general web surfing or other day to day tasks.

Does this mean that anti-malware software isn’t necessary? Absolutely not. No software is perfect. While we have many defense-in-depth improvements in Windows Vista, it’s critical for consumers to follow the Protect Your PC guidance of keeping the firewall turned on, keeping the operating system up to date, and having up to date anti-virus and anti-spyware software.

It’s worth mentioning just a few of the defense-in-depth improvements and features that are in Windows Vista that aren’t included in Windows 2000: DEP, ASLR, firewall on by default, Windows Defender, IE hardening, User Account Control, Windows Security Center, parental controls etc…

We’re always looking for ways to improve our studies, so please feel free to make suggestions on what you’d like to see. For feedback on the Security Intelligence Report, send email to sirfb@microsoft.com. Likewise, we welcome and encourage feedback from the community to make our products better, so comment on this blog entry if you have suggestions.

 - Austin

Comments

  • Anonymous
    May 12, 2008
    PingBack from http://www.basketballs-sports.info/better-basketball/?p=983

  • Anonymous
    May 12, 2008
    Microsoft needs to make Internet Explorer 7 run in "Protected Mode" in Vista's "Full Priveledged Administrator Account." It's really stupid that it doesn't. Just like it was stupid to purposely leave a bug in Internet Explorer that purposely affected Mozilla Firefox users , so people would use Internet Explorer instead of Firefox. Sorry Microsoft , but Firefox is superior to any version of Internet Explorer , so is Opera . All computer magazine's agree with me on this .

  • Anonymous
    May 13, 2008
    You can also see my comments on the recent The Registers' publication regarding PC Tools' survey: http://dkudin.spaces.live.com/blog/cns!5ACDFAF6B73AF165!135.entry

  • Anonymous
    May 16, 2008
    Sunshine... 80 degrees... must leave the office.... Here's the reading list... Have a good weekend. ITP

  • Anonymous
    May 24, 2008
    Hey Vista team, I read on this blog this: This feature displays the time of the last successful interactive logon, and the number of failed logon attempts since the last successful logon, during a successful interactive logon. This will enable a user to determine if the account was used without his or her knowledge. I tried searching the net but couldn't find more info. Can you write a blog post giving more information on this?

  • Anonymous
    May 26, 2008
    Can we have the security statistics based on Viusta Sp1?

  • Anonymous
    May 26, 2008
    Can we have the security statistics based on Vista Sp1?

  • Anonymous
    June 04, 2008
    Dear Austin, Will Registry and File Virtualization still be in Windows 7, (or the next version of Windows anyway)? I sure hope NOT! Yes keep UAC but need to force developers like me to use elevation via manifests or launce of a COM process. I would rather have my application 'break' than to learn months later that my writes to HKLM are going into a virtual registry key. Don't you agree? Enjoyed your video on UAC. Btw. Cheers, KeBugCheck(42);

  • Anonymous
    June 22, 2008
    Re: Keith "Sorry Microsoft , but Firefox is superior to any version of Internet Explorer , so is Opera . All computer magazine's agree with me on this" Of course, some people will agree with this - but I can assure you that there are still plenty of IE7 supporters. I use both FF and IE, and there are large pros and cons for both. The only reason I'd pick FF3 over IE7 at the moment is if I needed some of the plugins.

  • Anonymous
    June 28, 2008
    cherche comment enlever les virus sur mon pc

  • Anonymous
    June 28, 2008
    cherche comment enlever les virus sur mon pc

  • Anonymous
    July 11, 2008
    Note that many many more companies and individuals were using XP than were using Vista in June-December 2007, either because they haven't bought a new computer recently, haven't purchased an upgrade, or were avoiding it because of known problems with Vista.

  • Anonymous
    July 11, 2008
    Vista just FORCED a reboot. I am astonished at how bad MS are. I am apoplectic at what you think it's acceptable to do to your users. People use MS OS for critical things and you do that. People will die because of a 'feature' like this and you should be looking very carefully at the corporate manslaughter laws that there are around the world. I, like most people, am straining at the bit for a realistic alternative to MS OS and will jump on it when it arrives and then will just have to concentrate on trying to expunge all the traumatic experiences from my memory.

  • Anonymous
    August 26, 2008
    I'm not sure that the numbers given provide a convincing argument for the security of Vista against malware.  Since the vast majority of people are running Windows XP, it simply makes sense that there was more malware cleaned from XP machines simply because more XP machines were scanned! No mention is made of the raw number of machines of each type that were scanned so in the absence of any additional information it seems to me that the claim that Vista is more resistant to malware than XP or Windows 2000 is unfounded based upon the comparison of these percentages. "MSRT found and cleaned malware from 60.5% fewer Windows Vista-based computers than from computers running Windows XP with Service Pack 2 installed.  How about Windows 2000?  Using proportionate numbers, MSRT found and cleaned malware from 44% fewer Windows Vista-based computers than Windows 2000 SP4 computers and 77% fewer than from computers running Windows 2000 SP3."

  • Anonymous
    September 29, 2008
    Great post, really helped me understand, thanks!

  • Anonymous
    October 16, 2008
    The think is this just doesn't really do it for me, prefer something a little less... mainstream.

  • Anonymous
    October 16, 2008
    3rd party solutions offer much better security in my opinion.

  • Anonymous
    November 07, 2008
    Keeping it running sufficiently. When I first got my computer I didn’t realize how important having antispyware was to keeping it running sufficiently. However, it didn’t take very long for it to become perfectly clear. If you don’t have a good scan you will have many problems that could be avoided so easily. Search-and-destroyAntispyware is a great option when it comes to scanning for bugs that will help you keep your computer running at its peak efficiency. The antispyware solution from Search-and-destroywhich you will find at Search-and-destroy/antispyware.html will help give your PC the protection it needs to keep it in good working condition.

  • Anonymous
    November 13, 2008
    really helped me understand. thanks!

  • Anonymous
    December 05, 2008
    Vista have less problems but is to glossy than XP. I am staying away from Vista because is causing me problems. XP is more clear than Vista as OS.