Malware Report Gives Windows Clean Bill of Health

For the first time since security firm Kaspersky started tracking malware threats, Microsoft products are off the company's top-10 list of vulnerability concerns, according to its recent quarterly report.

"Microsoft products have disappeared from this ranking due to improvements in the automatic Windows update mechanism and the growing proportion of users who have Windows 7 installed on their PCs," Kaspersky wrote in a release.

The improved track record of Windows software with regard to malware attacks is due in part to Microsoft's more recent security development lifecycle changes. In addition to Kaspersky taking notice, security expert Chris Paget outlined that view at the Black Hat conference earlier this month.

Paget and her team were involved in verifying that Windows Vista was safe to ship. The effort represented the first time that an independent team had been asked to do this check for a new Windows OS, according to Paget. Her comments came after a five-year nondisclosure time period had expired.

The findings of Paget's team did not give Vista a perfect security score, but she praised the company on its new procedures for finding software flaws and implementing fixes.

"Microsoft's security process is spectacular," Paget said. "Security is a process, not a product. It evolves. The question is, 'Was Vista secure?' Microsoft has a very bad reputation for security and it is very much undeserved."

Such praise doesn't come lightly, especially with Kaspersky pointing to the security shortfalls of software firms Adobe and Oracle. Those two companies had products with vulnerabilities making the top-10 list, marking another first in malware analysis. Adobe was the overall standout in Kaspersky's view, with seven of the 10 malware issues being associated with the Adobe Flash player.

Kaspersky found that the majority of software security risks were spread out globally, with the following countries being marked as "high" risk: Oman, Russia, Iraq, Azerbaijan, Armenia, Sudan, Saudi Arabia and Belarus. Kaspersky define high risk as having 41 percent to 60 percent of online users exposed to Web attacks.

The United States is in the "average" risk group, but its 40.2 percent user exposure level is on the border of being bumped up to the high-risk list. This finding is due, in part, to it and Russia being the top-two countries for having Web sites that house malicious code.

The Netherlands, according to the security firm, leads the globe in its continuous action to reduce the amount of sites hosting malware. The country's malware security rating dropped 4.3 percentile points to finish the second quarter of 2011 with 7.57 percent of malicious Web sites.

Two unhealthy trends Kaspersky observed over the second quarter was the rise in both fake antivirus programs and the continual momentum of mobile threats. System blocks of counterfeit antivirus programs increased by 300 percent, while attacks on the most popular mobile platform, Android, nearly tripled.

About the Author

Chris Paoli is the site producer for and


  • Exchange Server June Cumulative Updates Arrive, But with Red Tape

    Microsoft released its quarterly cumulative updates (CUs) for Exchange Server 2013, 2016 and 2019 products this week, but added an extra step for IT pros to consider before installing them.

  • Moving an Old VM to a New Hyper-V Host

    So you want to know whether a Hyper-V virtual machine built on a legacy host will be supported by a newer server? There's a PowerShell command for that.

  • AI-Driven Solution Tracks Packets Through the Datacenter

    Datacenter solutions vendor Kaloom this week unveiled a new offering the company says will enable the development of "self-driving" datacenter networks.

  • Microsoft Previews Azure Bastion Service for Private VM Access

    Microsoft on Tuesday announced a preview of the Azure Bastion service, which lets a user connect to an Azure virtual machine (VM) using a private Internet connection.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.