"...according to figures from Microsoft."
Enough said!
UK-based Windows XP users were six more likely to actually be infected than their counterparts who use more recent versions of Windows, according to figures from Microsoft. The company is likely trying to highlight the infection rates of the 12-year-old OS as a way to get customers to upgrade. It says that 9.1 of 1,000 XP (SP3 …
It's also likely that a fair number of companies still on XP have limited IT budgets to maintain their hardware & software. I mostly see XP in charities and organisations that buy in IT support and consultancy three or four times a year when something goes wrong, and whose IT security policy involves locking the front door when they leave for the day. I migrated a small NGO with around 12 computers from a mix of XP and Vista machines (and one Ubuntu box that noone could explain the existence of) to Windows 7 a couple of years ago, and they didn't even have a password on their WiFi (which explained the number of tourists sitting outside their very centrally placed office with their laptops).
Registered charities can get Windows dirt cheap from Microsoft. I've been looking into upgrading some server software for a charity I do some work for, as it happens we're going to move from Windows 2003 to CentOS Linux, but that is at least as much because the hardware is 32bit proliant, as it is any other reason.
...near me who can do MS Reseller Windows 7 Pro Licenses for not a great deal plus a decent dual core 2008 spec Dell Lattitude PC for about £70 to run it on.
I am constantly amazed by the number of small businesses that when I go visit to look at their IT setup, state they cant afford any new IT, too expensive, they only bought it all 2 years ago (read 6), scrimping and saving, worlds smallest violin etc.
Yet I walk past the big house, the M3 in the drive and the new leather sofa being delivered. Or they are an IFA!
If you cannot afford a few hundred quid for new IT from your business contingency budget then..well...what are you doing running a business?
Oh and quit running your business whilst owning only one laptop! Amazed how so many do not have a backup laptop or desktop system to run on.
Good for you Charles, great if you can wait for delivery or live next door to John Lewis. Great if you know how to setup a laptop and transfer 2GB of Outlook 2007 email or Outlook Express into the new world. Migrate Sage accounts or ACT to a new machine or a new OS.
A lot of folks don't.
But they dont think about it until it happens. And in my experience very few still use the cloud in the small business arena. in fact many have just discovered USB sticks.
It maybe 2013 in your tech warren but for the average person it's still 2005.
... is still nothing.
Not every XP instance has an internet connection. Some are used solely for dedicated purposes and wouldn't recoognise a connection if it snuck up and inserted itself firmly in their ethernet port.
For boxes (or virtual instances) like this, XP is still perfectly good. In fact, once you remove, or never install, all the malarky involved with keeping the O/S "safe": a euphemism for working around all the security bugs and bad design, it's storms along, incredibly fast.
Just don't plug anything into it.
Along those same lines, I wonder how much of that malware would be eliminated if they were running IE9 instead of IE6 or IE8?
And given the number of corporate web apps that require IE6, maybe MS should release a version of it that runs side by side with IE9 but is restricted to only approved domain connections which are set by group policy. Still a kludge, but maybe a better kludge than what they have.
And along the same lines how many times did user's decide to proceed to a site IE flagged as a known source of malware...
This is the real problem with these FUD reports, their real purpose is to encourage sales of Win8 etc. rather than seriously look at the security issue.
From my experience, I suspect that whilst removable media is still an issue, the major threat vector is internet access, which in the main is controlled by a user's browser and their firewall... So the question is whether a pure MS XP system is less secure than one running third-party: firewall, security suite and browser?
Other than Vista x64, the UAC systems are pretty comparable. The high figure for XP can probably be attributed to the default login-as-administrator setup.
As for W8, the RT ghetto is immune to any malware that is an x86 executable - hardly a ringing endorsement, as it is also immune to the use of typical PC applications.
Other major causes of XP infection:
Pirate copies which refuse to operate Windows Update and don't get the holes patched (fixed by MS product activation in later releases)
Product delivered with time-limited copies of Norton Security etc (fixed by MS Security Essentials with increasing effectiveness - now baked-in on Windows 8)
The figures for Vista, which has the same underlying improved security system found in Windows 7 and Windows 8, are nearly as bad as those for XP. Now, obviously the chart is supposed to be telling users that the more modern versions of Windows are inherently safer but it can also be read as, the longer an OS is out there the riskier it is and that infection rates like those of XP are only a matter of time for Windows 8.
Hoist by their own petard some might say.
Microsoft often employed the defence that XP was so much more prevalent and therefore was more targeted as the reason why it had so much more malware than its competitors, not that it was more insecure. However they are now saying that XP is really insecure as a reason to migrate away. They can't now use the defence that more users on Win7 or more likely Win8 is safer, because surely that would make Win7 & Win8 so much more targeted?
There's no amnesia more acute than PR
Except that each new version of Windows has included more security features than the previous one.
DEP, memory randomisation etc. came with Vista and 7, UAC came with Vista etc.
Compared to the newer versions XP is less secure. Go back to when XP was the current OS, it was more secure (after SP2) than Windows 2000 or 9x, because they had worked hard on security.
Security is a moving goal. By the time Windows 10 is around, it will have better built-in security than Windows 7 and 7 will look like the proverbial sieve. It just helps the PR people get their point across.
The same goes for Linux, look at the Kernel logs to see how many flaws are patched with each new release. If you compare a Linux box from the time of XP's release to a current one, you'll find a lot of open flaws that make the box easily exploitable, which have been patched over the years and the new box will be more secure "out of the box".
This post has been deleted by its author
This post has been deleted by its author
>That's because anyone running XP 64-bit has to be a freaking wizard to get any drivers to work with it!
[Casts furtive glances both ways] Yes, yes, I is a wizard. [More shifty staring]
PS: Don't tell anyone that 99.5% of computer security is knowing where to get your porn - at least for us wizards.
XP doesn't implement any of the stuff that was part of Microsoft's Trustworthy Computing initiative - UAC, privilege escalation, IP filtering, anti-phishing, address space randomization, driver signing, secure boot etc.
It would mean that somebody using Windows Vista or later has greater security by default than somebody on XP. Especially since the person on XP is probably running as local administrator all of the time because installers and suchlike don't work unless they do.
The biggest security threat still remains - the user. Malware could still convince someone to click and run a program regardless of what security measures the OS implements. e.g. someone I was speaking to recently was almost scared into clicking on a popup which warned their computer was being monitored for illegal activity. If they had clicked (and I assume a lot of people do) undoubtedly it would initiated some kind of malware / ransomware attack.
"It would mean that somebody using Windows Vista or later has greater security by default than somebody on XP. Especially since the person on XP is probably running as local administrator all of the time because installers and suchlike don't work unless they do."
Xym, did you actually look at the charts ?
64bit Vista has comparable rates of infection to 32bit XP... I'd love to know why that is the case. :)
You're comparing 64-bit Vista to 32-bit XP.
I don't know the reason. Maybe there was a security hole in their Windows on Windows (WOW) layer - the thing that thunks 32-bit software onto the 64-bit OS. e.g. address space randomization or something. Or maybe Vista 64 users were more inclined to disable UAC and run with admin privileges for some reason.
Whatever it was, it doesn't appear to have affected subsequent releases.
I have a new customer with a few Windows 7 PCs in a small office.
I set the users up as non-admins.
On my last visit, I found someone had switched off UAC on most of the PCs (which I switched back on).
The customer has been installing some apps themselves, so proably PEBCAK as per usual.
Running with admin rights is the main culprit I suggest, especially if UAC switched off.
Exactly. I also wonder how many people on here let their kids use a full admin rights computer at home. And rely on a system heavy anti-virus to guard against any threat.
In general though, people should stop going to dodgy web sites, and stop downloading hacked software! Take the view that they ALL have malicious code in them somewhere. Oh and stop putting your email address on competition sites, you're not going to win that iPad, you're going to win advertisement emails from all over the world, and crap knows what else.
wild theory: running 64-bit VIsta in 2013 is a sign of ignorance.
Back in the day Vista 64-bit was unpopular due to the lack of drivers and it was mostly used by early adopters. The latter have now moved on to 8.1, and I think that may mean that the remaining 64-bit Vista installations are purchases by clueless friends and family on the advice of early adopter "computer enthusiasts". Early adopters also had a penchant for disabling UAC because it got in the way of installing shareware downloaded from random internet sites.
I suspect that this is the same AC who always says this, but when challenged provides references to statistics on Web defacements.
There are vulnerabilities in Linux. Many are discovered and posted as a result of code examination (when people started looking for memcpy calls on unbounded buffers a few years back, there was a huge jump in the number of vulnerabilities reported against Linux, even though many of them were unlikely to be exploitable. We just don't know how many of these are present in Windows.
But as a basic desktop box, the protection that UAC provides on Windows Vista+ has pretty much always been there on Linux since it became popular. And as a result it is axiomatic that Linux is more secure for day-to-day use. And out-of-the-box, Linux is much safer to connect to the Internet because fewer services are turned on by default. This is something Microsoft have taken on board in recent Windows releases.
Of course, there are still exploits that take advantage of the wetware, but they will be present on any OS unless it is so locked down that the users cannot do anything.