Microsoft came out with a new edition of its Security Intelligence Report today, saying that company data shows that Windows XP machines are much more likely to be infected in encounters with malicious software on the Internet.
Windows XP machines were six times more likely to be infected than machines running Windows 8, the latest version of Microsoft’s operating system, the company said.
The Security Intelligence Report (or SIR) is a unique window into the malicious activity online, given Microsoft’s massive footprint of more than 1 billion systems running versions of the Windows operating system, and the detailed data it collects from them through its automatic update patching- and malware removal features.
This is the 15th such report Microsoft has issued. The company used the latest report to hammer home a message about the need for Windows XP users to move off that system to a newer version of the operating system. Windows XP support ends April 8, 2014.
Microsoft said that around 21 percent of systems are using Windows XP or older versions of Windows. However, other surveys put the number between a quarter and a third of all systems. Small businesses, lacking large IT staffs, often delay the deployment of new operating systems, fearing business disruption. The XP operating system – or versions of it – also runs a wide range of hard-to-patch embedded devices.
Malware is a persistent problem online. The company reported that, in the first half of 2013, nearly 17 percent of computers worldwide running up-to-date, real-time security products from Microsoft encountered malware. This is the first time Microsoft has published data on malware “encounters” as opposed to data on infections.
The frequency of those encounters was the same regardless of what operating system the user was running. However, although Windows 8 encountered a similar amount of malware as Windows XP, computers running Windows XP were six times more likely to actually be infected with those threats, Microsoft said.
The numbers reinforce what seems like an obvious point: unsupported software is more likely to be successfully exploited. However, Microsoft’s numbers are eye-opening, and reinforce the importance of patching. Windows XP Service Pack 2, which is no longer supported by the Redmond, Washington company, has a malware infection rate that is 66% higher than Windows XP Service Pack 3 – the last version of Windows XP that is still supported, Microsoft said.
The biggest threats for Windows XP users come from three families of malware: Sality, Ramnit and Vobfus – that can infect Windows PCs, steal personal information or download other malicious programs from the web, the company reported.
You can find the full Security Intelligence Report on Microsoft’s web site here.