The latest version of Microsoft's Security Intelligence Report (SIR) has just been released. It's a comprehensive 89-page document that examines the threat landscape in the second half of 2010. The report attempts to analyze the latest exploits, vulnerabilities and malware using real-world data obtained from millions of systems around the world. Published twice a year by Microsoft, the SIR is intended to help IT professionals gain insights and guidance to better protect their organizations.
One finding that is of interest pertains to operating system infection rates. As outlined on page 8 of the full report:
As in previous periods, infection rates for more recently released Microsoft operating systems and service packs are consistently lower than older ones, for both client and server platforms. Windows 7 and Windows Server 2008 R2, the most recently released Windows client and server versions, respectively, have the lowest infection rates.
A look at the normalized data furnished in the report shows that the infection rate per 1,000 computers running Windows 7 RTM 32-bit is a mere 3.8, compared with 19.3 for Windows XP SP2. The slightly newer Windows XP SP3 fared a tad better with an infection rate of 15.9. Pieced together, it is clear that Windows 7 is four to five times less likely to be infected with malware - which strikes me as impressive.
Detractors will of course argue that Microsoft has a vested interest in having as many users as possible migrate to Windows 7. While this is undoubtedly true, the far lower infection rates enjoyed by the latest version of Microsoft's flagship operating system convincingly crush the arguments of businesses still sticking with XP for the simple reason that "it still works." Unless these older workstations are located outside the corporate LAN with no Internet connection whatsoever, they are literally a ticking time bomb from a security perspective.
On a more technical note, the Redmond-based software company also noted that 64-bit versions of Windows incorporate a feature called Kernel Patch Protection (KPP), which protects the kernel from unauthorized modification. Microsoft says KPP could have contributed to stopping certain types of malware in their tracks.