Microsoft: Data shows Vista more secure than XP

Microsoft's latest security report shows the number of vulnerabilities found in its software fell for the first half of the year.

Microsoft's latest security report shows that the number of new vulnerabilities found in its software was lower in first half of the year than the last half of 2007, with the Windows Vista OS proving more resistant to exploits than XP.

Microsoft reported 77 vulnerabilities from January to June compared to 116 for the last six months of 2007, according to the company's fifth Security Intelligence Report.

The decline is in line with the software industry as a whole, which saw a 19 percent decrease in vulnerability disclosures compared to the first half of 2007, Microsoft said. However, those vulnerabilities considered highly severe rose 13 percent.

Exploit code was available for about a third of the 77 vulnerabilities; however, reliable exploit code is available for only eight of those 77.

Other data shows that XP is attacked more frequently than Vista. In XP machines, Microsoft's own software contained 42 percent of the vulnerabilities attacked, while 58 percent were in third party software. For Vista machines, Microsoft's software had 6 percent of the vulnerabilities attacked, with third-party software containing 94 percent of the flaws.

New security technologies such as address space randomization have led to fewer successful attacks against Vista, said Vinny Gullotto, general manager of Microsoft's malware protection center.

"Moving onto Vista is clearly a safe bet," Gullotto said. "For us, it's a clear indicator that attacking Vista or trying to exploit Vista specifically is becoming much more difficult."

The highest number of exploits were released for Windows 2000 and Windows Server 2003 operating systems, Microsoft said.

Hackers appear to be increasingly targeting Internet surfers who speak Chinese. Microsoft found that 47 percent of browser-based exploits were executed against systems with Chinese set as the system language.

The most popular browser-based exploit is for the MDAC (Microsoft Data Access Components) bug that was patched (MS06-014) by Microsoft in April 2006.Some 12.1 percent of all exploits encountered on the Internet targeted that flaw. The second most encountered exploit is one aimed at a vulnerability in the RealPlayer multimedia software, CVE-2007-5601.

The two most commonly exploited vulnerabilities in Windows Vista concerned ActiveX controls that are commonly installed in China, Microsoft said.

Gullotto said Microsoft is continuing to improve the Malicious Software Removal Tool (MSRT), a free but very basic security application that can remove some of the most common malware families.

Last month, Microsoft added detection for "Antivirus XP," one of several questionable programs that warn users their PC is infected with malware, Gullotto said. The program badgers users to buy the software, which is of questionable utility. "Antivirus XP" is also very difficult to remove.

Microsoft fielded some 1,000 calls a month about Antivirus XP on its PC Safety line, where users can call and ask security questions. Since the MSRT started automatically removing the program, calls concerning Antivirus XP dropped by half the first week, Gullotto said.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Windows Vista

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?