Windows XP less infected than newer versions during the last three months, but that doesn’t mean it’s any more secure
Computers running Windows 7 or Windows Vista are more likely to have been infected by malware during the fourth quarter of 2013 than Windows XP, but this does not mean that the aging operating system is more secure than newer versions, say experts.
According to figures published in Microsoft’s most recent Security Intelligence Report, the number of Windows Vista machines on which malware was detected jumped from 5.3 per 1,000 to 32.4 quarter-on-quarter, while the number of infected Windows 7 computers increased from 4.9 to 25.9.
In contrast, Windows XP infections increased from 9.5 machines per 1,000 to 24.2, while Windows 8 rose from 2.1 to 17.3. Windows 8.1 systems were the least impacted with just 0.8 computers per 1,000 detected to have malware.
Windows XP Malware
Microsoft says the number of infections was especially high during Q4 because of the influence of the Win32/Rotbrow Trojan and that it expected the numbers to return to normal during 2014. It adds that the figures were “normalised” – they were calculated by using an equal number of computers for each version so they weren’t skewed by different-sized user bases.
The figures might be seen by some as evidence that the recently-retired Windows XP is more stable and secure than its successors, but security expert Graham Cluley says this isn’t the case and that not all malware relies on loopholes and vulnerabilities.
“The truth is that – if configured correctly – Windows 7 can provide better security than Windows XP,” he says. “For instance, users of more modern versions of Windows can take full advantage of Microsoft’s Enhanced Mitigation Experience Toolkit (EMET), a utility that can block malware successfully exploiting zero-day vulnerabilities, and make life harder for attackers.
XP ‘not more secure’
“It should also be remembered, of course, that not all malware relies upon vulnerabilities and security holes. A large number of the malware attacks seen use simple social engineering techniques that trick users into making poor decisions, such as clicking on a malicious link or running a malware-infected file that has been sent to them.”
Cluely also says that the instances of Windows XP malware are likely to increase now that support for the platform has officially ended and that Microsoft is unlikely to include the operating system in future reports.
“The statistics in Microsoft’s report cover a period when Windows XP was still receiving security updates from Microsoft,” he adds. “Going forward we can expect XP computers to become more and more riddled with malware as security holes are left unpatched.”
However due the ongoing popularity of Windows XP, Microsoft has agreed to provide a basic level of cyber security support until July 2015. This includes malware signatures for Microsoft Security Essentials, System Center Endpoint Protection, Forefront Client Security, Forefront Endpoint Protection and Windows Intune, while a number of Chinese IT firms have also pledged to support XP after the cut-off date and the British government has also secured a 12 month extended support contract.
UPDATE: Microsoft has provided TechWeek with some additional information regarding the latest figures. It says that the Rotbrow Trojan, which uses social engineering instead of software vulnerabilities, was probably more prevalent on Windows 7 and Windows Vista for monetisation purposes and stresses that the rise in computers cleaned is not an indication of security effectiveness.
It adds that detections of Rotbrow dereased after December 2013 once infected systems were cleaned and reiterated that it expects figures to return to more normal levels in future quarters. The company also urges anyone using Windows XP to upgrade to a more modern operating system to better protect themselves.
What do you know about Windows XP? Find out with our quiz!