Microsoft has recently released its latest Security Intelligence Report (SIR) which details, among other things, rates of malware infections across the various Windows operating systems. The report is entirely security related and not meant specifically as a vessel to encourage XP users to upgrade. However, that certainly is a side effect, unintentional or not – many of the report’s findings do suggest that an immediate upgrade might be a prudent move for XP users.
The comprehensive report is actually 160 pages long, but malware encounter and infection rate comparatives have been specifically highlighted in a separate Microsoft Technet blog article. The included infection rate chart appears to clearly indicate why users should replace XP as soon as possible:
The infection rate chart shows computers cleaned up out of every thousand on which Microsoft’s Malicious Software Removal Tool (MSRT) was used. The encounter rate shows computers on which malware was detected – and almost certainly prevented from infecting – out of every hundred protected by a Microsoft virus blocker. The side by side comparisons show that, while Windows XP SP3 computers encountered almost as much malware as other platforms, computers running Windows XP experienced a much higher overall infection rate.
On the surface at least, these statistics tend to confirm that users who went looking for possible malware via MSRT were 5.7 times more likely to find infections on XP than on Windows 8. On the other hand, MSRT has never been a broad spectrum anti-malware tool, mainly dealing with only the most commonly encountered malware families. As such, it could be argued that MSRT has perhaps developed a bias toward XP related malware in general, and the infection rate statistics shown may merely represent the level of MSRT’s effectiveness per Windows version.
I suspect the truth may lie somewhere in between; while XP may not be exactly 5.7 times more dangerous than Windows 8, I do believe it is reasonable to accept that Microsoft’s collected data supports a claim of heightened risk levels for users who continue on with XP. It’s also apparent that enhanced security measures, such as Address Space Layout Randomization (ASLR), which were introduced into Windows and Internet Explorer post XP, have greatly bolstered overall security.
- You can download the full Microsoft Security Intelligence Report (PDF) here: Microsoft Security Intelligence Report
- And view the related Technet article here: Infection rates and end of support for Windows XP