Vista security credentials tarnished in malware survey
By dk ~ May 10th, 2008, 6:29 pm. Filed under: Analytics.
“Windows Vista is better at protecting against malware than XP but more easily infected than Windows 2000, according to a study by Australian anti-virus firm PC Tools. [...] Recent research based on malware scans of more than 1.4m PCs running PC Tools’ ThreatFire security technology over a period of six months turned up 639 threats per 1,000 PCs running Windows Vista compared to 1,021 threats per 1,000 Win XP boxes and 586 for 1,000 machines running Windows 2000.” — writes John Leyden at The Register.
I think it is a very dangerous delusion. First of all, the difference between 639 and 586 is not big and can be easily explained. Here is my logical sequence of simple assertions:
- Nowadays the easiest way to get infected is to catch some trojan/spyware/etc. via the browser while surfing the Internet or via the mail program.
- Internet Explorer is the most popular browser and Outlook is the most popular mail agent among Windows users. The HTML parsing engine of Outlook is based on IE.
- The latest version of IE is much more complex than the earlier one. This means there are more possibilities for hackers to compromise it.
- The newest web-intrusion techniques are mostly intended for the latest version of IE.
- Users of Windows 2000 cannot install IE 7.0. Some of the security work in IE7 relies on operating system functionality in XP SP2+ that is non-trivial to port back to Windows 2000. In other words, there is no version of IE7 for Windows 2000.
- All of the above means that the newest zero-day and other threats which can be found on malicious web pages or in HTML-formatted emails are not so “popular” (though they can be much more dangerous) for users of Windows 2000 SP4 (with all updates). Hackers do not stand still; they keep inventing new methods to break the latest protection mechanisms. They will not spend their efforts on an outdated operating system that has not been supported since 2005.
Secondly, a lot of immaterial trifles are often included in the notion of “malware”. Really serious threats, which can lead to complete remote control of a target system by an attacker, should be considered first. As a rule, they are installed at the system kernel level and require administrative privileges. Most Windows 2000 users work as administrators by default, so they are vulnerable to any kind of threat. In Windows Vista this vital problem is solved by User Account Control technology. So Vista is definitely much more secure than Win2000, and I don’t understand PCTools’ attempt to overthrow this axiom with far-fetched conclusions in their survey.
