In the recent release of the Microsoft Security Intelligence Report (or SIR), Microsoft found that Windows Vista and Windows 7 have a significantly lower infection rate than that of Windows XP. In fact, Windows 7 has a 5x lower infection rate than Windows XP SP2, and 4x lower infection rate than Windows XP SP3.
Those figures are for the 32-bit version of Windows, so the infection rate for the 64-bit version of Windows 7 is nearly 8x and 6x less than that of Windows XP SP2 and SP3, respectively.
While some may point out that Windows XP still has a bigger market share than Windows 7, I would like to point out that this data is “normalized,” or as Microsoft says on page 35 of the report: “the infection rate for each version of Windows is calculated by comparing an equal number of computers per version (for example, 1,000 Windows XP SP2 computers to 1,000 Windows 7 RTM computers).”
As you can see, 64-bit infection rates are lower than their 32-bit brethren, which is likely due to a feature only available in the 64-bit version of Windows called Kernel Patch Protection (KPP). This feature prevents any modification to the Windows kernel, and if such a thing were to occur, the computer would shut down before any damage occurred. Another possible reason for having lower infections rates, according to the report, is “that 64-bit versions of Windows still appeal to a more technically savvy audience than their 32-bit counterparts.”
Now on to Internet Explorer 9, and information about the latest security feature of Internet Explorer 9: Application Reputation.
Internet Explorer blocks anywhere from 2 to 5 million malware attacks per day for IE8 and IE9 users, according to a blog post by the Internet Explorer Team. Since IE8 was released, SmartScreen has blocked over 1.5 billion attempted malware attacks.
IE7 was the first version of the browser to ship with SmartScreen, which was merely a URL-based reputation service to prevent phishing attacks. When IE8 came out, another protection mechanism was added, this time protecting against malware downloads. Just like the phishing filter introduced in IE7, IE8′s malware detection feature was also URL-based — so if the URL of the malware changed, it would no longer be identified as such.
Finally in IE9, a new feature called SmartScreen Application Reputation was introduced, which decided whether a file was malware or not by the hash of the file, along with the digital signature of the file as well. This allows IE9 to better inform users as to whether or not the file they are downloading is dangerous, because “When it comes to program downloads, other browsers today either warn on every file or don’t warn at all. Neither of these approaches helps the user make a better decision.”
Microsoft has found that out of every 14 programs downloaded, at least one is later identified as malware. IE9 can prevent new malware attacks before security products have the chance to receive a new definition which would see such files as malware, meaning IE9 can help protect users in the case that security solutions cannot. This is thanks to the unknown file warning bar that appears in Internet Explorer.
Some may find such a warning annoying, but 90% of downloads no longer show such warnings due to the data they currently have collected. Not only that, but Microsoft’s data also shows a user will only see such a warning two times per year.
What happens if someone decides to run an unknown program anyways? There is data for that: “clicking through the ‘unknown warning’ carries a risk between 25% and 70% of malware infection.”
The Take Away
The takeaway is simple: keep your computer operating system up to date. Windows XP is lacking in major security features, causing it to have much higher infection rates than any other Windows operating system on the market. While it can be expensive to upgrade your operating system, such as if you need to buy a new computer entirely, it may be worth it if you have a family who have a poor sense of security.
Also, if you know someone still running Internet Explorer 8, prod them to update to Internet Explorer 9, it is free, after all.