Computers running Windows 7 or Windows Vista are more likely to have been infected by malware during the fourth quarter of 2013 than Windows XP, but this does not mean that the aging operating system is more secure than newer versions, say experts.
According to figures published in Microsoft’s most recent Security Intelligence Report, the number of Windows Vista machines on which malware was detected jumped from 5.3 per 1,000 to 32.4 quarter-on-quarter, while the number of infected Windows 7 computers increased from 4.9 to 25.9.
In contrast, Windows XP infections increased from 9.5 machines per 1,000 to 24.2, while Windows 8 rose from 2.1 to 17.3. Windows 8.1 systems were the least impacted with just 0.8 computers per 1,000 detected to have malware.
The figures might be seen by some as evidence that the recently-retired Windows XP is more stable and secure than its successors, but security expert Graham Cluley says this isn’t the case and that not all malware relies on loopholes and vulnerabilities.
“The truth is that – if configured correctly – Windows 7 can provide better security than Windows XP,” he says. “For instance, users of more modern versions of Windows can take full advantage of Microsoft’s Enhanced Mitigation Experience Toolkit (EMET), a utility that can block malware successfully exploiting zero-day vulnerabilities, and make life harder for attackers.
“It should also be remembered, of course, that not all malware relies upon vulnerabilities and security holes. A large number of the malware attacks seen use simple social engineering techniques that trick users into making poor decisions, such as clicking on a malicious link or running a malware-infected file that has been sent to them.”
Cluely also says that the instances of Windows XP malware are likely to increase now that support for the platform has officially ended and that Microsoft is unlikely to include the operating system in future reports.
“The statistics in Microsoft’s report cover a period when Windows XP was still receiving security updates from Microsoft,” he adds. “Going forward we can expect XP computers to become more and more riddled with malware as security holes are left unpatched.”
However due the ongoing popularity of Windows XP, Microsoft has agreed to provide a basic level of cyber security support until July 2015. This includes malware signatures for Microsoft Security Essentials, System Center Endpoint Protection, Forefront Client Security, Forefront Endpoint Protection and Windows Intune, while a number of Chinese IT firms have also pledged to support XP after the cut-off date and the British government has also secured a 12 month extended support contract.
UPDATE: Microsoft has provided TechWeek with some additional information regarding the latest figures. It says that the Rotbrow Trojan, which uses social engineering instead of software vulnerabilities, was probably more prevalent on Windows 7 and Windows Vista for monetisation purposes and stresses that the rise in computers cleaned is not an indication of security effectiveness.
It adds that detections of Rotbrow dereased after December 2013 once infected systems were cleaned and reiterated that it expects figures to return to more normal levels in future quarters. The company also urges anyone using Windows XP to upgrade to a more modern operating system to better protect themselves.
What do you know about Windows XP? Find out with our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…