Windows 7 malware infection rate significantly lower than Windows XP

By Tom Warren, on 15th May 11 11:20 am with 4 Comments

Average quarterly infection rate by operating and service pack in 2010 - Microsoft

A new report has revealed that Windows 7 malware infection rates are significantly lower than Windows XP.

Microsoft’s latest Security Intelligence Report, available for download here, provides information on Windows, application and web security in the year 2010. The report reveals that Windows XP SP3 has an average infection rate of 15.9 computers per thousand. Vista halves the figure to 7.5 and Windows 7 pushes it to just 3.8. The 64-bit editions of Vista and Windows 7 knockdown the infection rate even more with 5.3 and 2.5 infections per thousand computers respectively. The figures mean that the 64-bit edition of Windows 7 is 6 times less likely to be infected than Windows XP.

Microsoft explains the lower infection rate on 64-bit editions in its report. “One reason may be that 64-bit versions of Windows still appeal to a more technically savvy audience than their 32-bit counterparts,” says Microsoft. “Kernel Patch Protection (KPP), a feature of 64-bit versions of Windows that protects the kernel from unauthorized modification, may also contribute to the discrepancy by preventing certain types of malware from operating.”

CCM trends for 32-bit versions of Windows XP, Vista and Windows 7

Ghacks has picked out some interesting points from Microsoft’s security report:

  • The United States and the United Kingdom, two predominantly English-speaking locations that also share a number of other cultural similarities, have similar threat mixes in most categories. Exceptions include Adware, which is more common in the UK, and Worms, which are more common in the US.
  • Brazil has an unusually high concentration of Password Stealers & Monitoring Tools, primarily because of the prevalence of Win32/Bancos, which targets customers of Brazilian banks.
  • China has a relatively high concentration of Miscellaneous Potentially Unwanted Software, Exploits, Backdoors, and spyware, and a relatively low concentration of Worms and Adware. China routinely exhibits a threat mix that is much different than those of other large countries and regions. Two of the most common threats in China, Win32/BaiduSobar and Win32/Sogou, are Chinese-language potentially unwanted software families that are uncommon elsewhere. The most common families in China also include a pair of exploits, JS/CVE-2010-0806 and
    JS/ShellCode, that were less prevalent elsewhere.
  • Adware dominates in France, led by Win32/ClickPotato.
  • Worms and Backdoors are unusually common in Spain. The top six families detected in Spain in 2010 were worm
  • The threat mix in Russia resembles that of the world as a whole, with the exception of an unusually low concentration of Adware, perhaps because of the highly language-dependent nature of online advertising.
  • In Germany, Trojan Downloaders & Droppers are nearly twice as common as in the rest of the world, led by Win32/Renos.
  • Korea has a large concentration of viruses, led by Win32/Parite, and worms. Viruses and worms have long been unusually common in Korea perhaps because of the popularity of public Internet gaming centers the where viruses are easily transmitted between computers and removable volumes.

Windows 7 now accounts for 32.82% worldwide usage, according to data from StatCounter. Windows Vista is on the decline with 12.56% and Windows XP is trending towards a decline with 46.22%. Windows 7 celebrated its first birthday after selling over 240 million licenses in the first year of sales. The company recently revealed it has now topped 350 million licences. Windows 7′s first Service Pack was made available in February and the company is currently working on Service Pack 2 and the next-generation version of Windows.

  • http://twitter.com/Chassit Kane Gao

    Win32/BaiduSobar = Baidu’s browser tool bar. Baidu is the ruling search engine provider in China, owning over 80% of the market.

    Win32/Sogou = Sogou (Sohu’s underling search engine) browser tool bar. Sohu is one of the leading portals in China.

    These are nasty things just like… proper equivalent in your culture (suppose most of you guys are in the US of A?) will be Yahoo tool bar and Google tool bar. Still remember the good old time that every single damn shareware or freeware has these two bastards bundled? Yeah that’s exactly what I’m talking about. 

  • Anonymous

    Good for them, glad I’m using Win7 x64.  Any Idea how this stacks up to Mac OSX and say Ubuntu, I’m sure it’s higher but by how much?

  • LeopoldButters

    Windows 7 is much more secure than Mac OSX. Let Apple do the talking: They just had to patch 40 separate instances of 23 unique security vulnerabilities, including lots of unauthenticated arbitrary code execution, memory corruptions, buffer overflows, DoS, unauthenticated information disclosures… All just this month. Pick your flavor.
    http://support.apple.com/kb/HT4581

    Ubuntu is hard to say, you need a meaningful customer base to measure that.

    • Anonymous

      It’s more secure yes, but Windows is also much more targeted because of it’s popularity. 
      That means there are many more attempts on windows, but most aren’t sucessful;  OSX on the other hand could have many many times less attempts, but a greater percentage successful.  I’m curious how the two/three stack up in successful attacks per say 1000 computers.