Tuesday 2 August 2011

Windows XP - breeding ground for malware

So I was reading an article on TechNet about Windows XP being the most popular OS for malware, and more specifically for the TDL4 rootkit that infects the Master Boot Record (MBR). The research by Avast shows XP accounts for 74% of malware, with Vista accounting for 17% and 7 accounting for 12%, and 7 being safer than XP. Yes, I understand this result naturally comes from the fact that Vista and 7 have better defences, with UAC and driver signing as well as a few other defences, and when it comes to x64 there is even less because of the different file system it uses.

Vista and 7 might be safer, but they are harder to repair if they do get infected. I see plenty of Vista and 7 machines that come with custom-written MBR code from manufacturers for OEM partitions, and repairing these isn't easy: many malware removal tools write 'default' Vista or 7 code, these OEM machines don't use 'default' code, and using default code on an infected machine causes the machine to become unbootable.
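An added example (not from the original post or from any removal tool): before a tool writes 'default' boot code, read the first sector, hash its boot code and list the partition table, so OEM partitions are spotted and the original sector can be kept for restoring. The partition-type list and the sample sector are constructed for illustration.

```python
import hashlib
import struct

# Partition type IDs often seen on vendor recovery/diagnostic or hidden
# partitions (assumed list for illustration, not exhaustive).
OEM_TYPES = {0x12: "Compaq/HP diagnostics", 0x27: "hidden recovery (WinRE/OEM)",
             0xDE: "Dell utility", 0x17: "hidden NTFS", 0x1B: "hidden FAT32"}

def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR into boot code hash, disk signature and partitions."""
    if len(sector) != 512:
        raise ValueError("MBR must be exactly 512 bytes")
    if sector[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    parts = []
    for i in range(4):
        # Entry layout: status, CHS start (skipped), type, CHS end (skipped), LBA, size
        status, ptype, lba_start, sectors = struct.unpack_from(
            "<B3xB3xII", sector, 446 + 16 * i)
        if ptype != 0:
            parts.append({"index": i, "active": status == 0x80, "type": ptype,
                          "lba_start": lba_start, "sectors": sectors})
    return {"boot_code_sha256": hashlib.sha256(sector[:440]).hexdigest(),
            "disk_signature": sector[440:444].hex(),
            "partitions": parts}

def repair_warnings(info: dict) -> list:
    """Reasons to back up the sector before writing generic boot code."""
    return [f"partition {p['index']}: {OEM_TYPES[p['type']]}"
            for p in info["partitions"] if p["type"] in OEM_TYPES]

def build_sample() -> bytes:
    """Constructed sample sector: dummy boot code, OEM recovery + NTFS partitions."""
    sector = bytearray(512)
    sector[:440] = b"\x90" * 440                   # placeholder, not real boot code
    sector[440:444] = bytes.fromhex("78563412")    # constructed disk signature
    def entry(status, ptype, start, size):
        return struct.pack("<B3sB3sII", status, b"\0" * 3, ptype, b"\0" * 3, start, size)
    sector[446:462] = entry(0x00, 0x27, 2048, 20480000)        # OEM recovery
    sector[462:478] = entry(0x80, 0x07, 20482048, 400000000)   # active NTFS
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)

if __name__ == "__main__":
    info = parse_mbr(build_sample())
    print(info["boot_code_sha256"], info["disk_signature"], repair_warnings(info))
```

A non-empty warning list, or a boot-code hash that differs from the one recorded when the machine was known clean, is the cue to save the 512-byte sector before any tool rewrites it.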

So yes, XP might not be as safe as the more up-to-date OSes, but it's much easier to repair the MBR on an infected XP machine.

However, I'm not just bashing Vista and 7; it's just that certain features like OEM are designed to help the everyday user but sometimes make our jobs harder, and lots still love XP because it works and it's simple. It's not complicated, and XP had many years between the release of XP and the release of Vista, so are the end users to blame for the mass infection range of XP?
