The latest version of Microsoft's Security Intelligence Report (SIR) has just been released. It's a comprehensive 89-page document that investigates the current threat landscape in the second half of 2010. The report attempts to analyze the latest exploits, vulnerabilities and malware using real-world data obtained from millions of systems around the world. Published two times a year by Microsoft, the SIR is envisaged to help IT professionals gain insights and guidance to better protect their organizations.
One finding that is of interest pertains to operating system infection rates. As outlined on page 8 of the full report:
As in previous periods, infection rates for more recently released Microsoft operating systems and service packs are consistently lower than older ones, for both client and server platforms. Windows 7 and Windows Server 2008 R2, the most recently released Windows client and server versions, respectively, have the lowest infection rates.
A look at the normalized data furnished in the report showed that the infection rate per 1,000 computers running Windows 7 RTM 32-bit is a mere 3.8 in comparison to the 19.3 for Windows XP SP2. The slightly newer Windows XP SP3 fared a tad better with an infection rate of 15.9. Pieced together, it is clear that Windows 7 is four to five times less likely to be infected with malware - which strikes me as impressive.
Detractors will of course argue that Microsoft has a vested interest in having as many users as possible migrate to Windows 7. While this is undoubtedly true, the far lower infection rates enjoyed by the latest version of Microsoft's flagship operating system convincingly crush the arguments of businesses still sticking with XP for the simple reason that "it still works." Unless these older workstations are located outside the corporate LAN with no Internet connection whatsoever, they are literally a ticking time bomb from a security perspective.
Moving on, another interesting nugget of information thrown out by the study is how 64-bit versions of Windows 7 and Windows Vista have infection rates that are lower than corresponding 32-bit versions of the same OS. Microsoft thinks this could be due to the appeal that the 64-bit Windows holds over the more technically savvy audience - architectural limitations mandate the use of 64-bit Windows in order to access the full capacity of systems with more than 4GB of RAM.
On a more technical note, the Redmond-based software company also noted that 64-bit versions of Windows incorporates a feature called Kernel Patch Protection (KPP), which protects the kernel from unauthorized modification. Microsoft says KPP could have contributed to stopping certain types of malware in their tracks.