Unanswered question: how’s Vista’s real-world security compared to XP?

Reading Bruce Eckel’s disappointing “I’m not even trying Vista” post (I think he should give it a go rather than swallow all the anti-hype) prompts me to ask: how’s Vista’s security shaping up, after 12 months of real-world use?

I could call the anti-virus companies, but I doubt I’ll get a straight answer. The only story the AV guys want to see is how we still need their products.

I’d like some stats. What proportion of Vista boxes has been successfully infected by malware? How does that compare to XP SP2? And has anyone analysed those infections to see whether User Account Control (Vista’s big new security feature) was on or off, and whether the infection required the user’s cooperation, such as clicking OK when an unsigned malware app asked for admin rights? What about IE’s protected mode – has it reduced the number of infections from compromised or malicious web sites?

Has anyone got hard facts on this?


11 thoughts on “Unanswered question: how’s Vista’s real-world security compared to XP?”

  1. Well, he does start the article by saying how he *has* used Vista…

    Yes, he says he’s “occasionally dabbled” on one machine, and that his dad has one. Oddly, his experience as described is more positive than the list of negative links he cites. Then he says he’s not making the transition.

    I think he should try it in earnest, if he wants to know what it is like.

    My feelings are mixed; I agree that Vista has some problems (performance, audio) but it is perfectly usable – I’ve run it since November 2007 on multiple machines, as regular readers will know.

    Tim

  2. If nobody uses Vista yet, what would be the point of cyber criminals to write viruses? Don’t they usually try to target as many computers as possible?

    Let’s revisit this theme 5 years from now.

  3. If nobody uses Vista yet, what would be the point of cyber criminals to write viruses?

    So are you saying that Vista is secure, albeit because of limited use?

    I’m also interested in how you define “nobody”? Just for fun, here are my blog stats for this month:

    Windows XP: 52%
    Windows Vista: 15%
    Windows 2000: 10%
    Mac OS X: 5.1%

    Skewed by the content of the blog, no doubt, but it’s first-hand evidence of significant usage.

    Tim

  4. “So are you saying that Vista is secure, albeit because of limited use?”

    No. I said Vista is not a target yet, so it’s impossible to answer.

    “Windows Vista: 15%”

    100% skewed figures given the content of the blog.

  5. Tim,

    Up front: I work for Microsoft in the UK; am not a security expert but am interested in software development overall.

    You may have already seen this article: http://support.microsoft.com/kb/942698
    which links to a webcast/presentation that the US security team released in November.

    Amongst lots of data that is collected through the Malicious Software Removal Tool (MSRT) and the One Care products, they report
    “The MSRT cleaned malware from 60 percent fewer Windows Vista® computers than Windows XP SP2 computers (normalized) and The MSRT cleaned malware from 91.5 percent fewer Windows Vista computers than from computers running Windows XP without any service pack installed”

    There is other data in the deck which suggests that less “unwanted” software gets installed on Windows Vista than XP SP2 and we believe that UAC is one factor in that reduction but I understand that we can’t prove it from the data currently collected.

    The presentation also includes several general references to trends in security and I was struck by the high ratio of application to OS vulnerabilities – a topic I don’t see too much discussion of …

    I’d welcome your thoughts on the report and its value; let me know if there is more help I can give you.

    Kevin

  6. Kevin

    Thanks for the link, it’s an interesting report.

    I don’t think it helps all that much with the question though. It covers Jan-June 07 which is early days for Vista. It’s also hard to know why infection rates were lower; there could be a variety of reasons. I’d also really like to drill down and analyze the reasons machines were infected, which seems beyond the scope of the report.

    I guess I’ll have to be patient.

    Tim

  7. I can only speak from personal experience, but I’ve had this Vista machine for about a year now, and there was only one piece of malware that got past the built-in system and IE security measures. This was something called Malware Crusher that tried to download a few days ago. I was running Norton which detected it as Downloader.MisleadApp and blocked it. Otherwise, absolutely bugger-all has got through. I’m rather pleased.
