Windows 7 vulnerable to 8 out of 10 viruses

Filed Under: Malware, Vulnerability

Now that we in the northern hemisphere have had some time to digest the Windows 7 hype and settle in for the coming winter, we thought we would get some more hard data regarding Windows 7 security.

On October 22nd, we settled in at SophosLabs and loaded a full release copy of Windows 7 on a clean machine. We configured it to follow the system defaults for User Account Control (UAC) and did not load any anti-virus software.

We grabbed the next 10 unique samples that arrived in the SophosLabs feed to see how well the newer, more secure version of Windows and UAC held up. Unfortunately, despite Microsoft's claims, Windows 7 disappointed just like earlier versions of Windows. The good news is that, of the freshest 10 samples that arrived, 2 would not operate correctly under Windows 7.

Table of malware samples tested against Windows 7

User Account Control did block one sample; however, its failure to block anything else just reinforces my warning prior to the Windows 7 launch that UAC's default configuration is not effective at protecting a PC from modern malware.

Lesson learned? You still need to run anti-virus on Windows 7. Microsoft, in the Microsoft Security Intelligence Report released yesterday, stated that "The infection rate of Windows Vista SP1 was 61.9 percent less than that of Windows XP SP3."

But let's not get complacent. Microsoft seems to be saying that Vista is the least ugly baby in its family. You can be sure the next report will highlight its even less ugly younger sibling, Windows 7.

Why do I say this? As of October 31st www.netmarketshare.com states that Windows Vista has a 19% market share against Windows XP's 70.5% and Windows 7's 2%. Approximately 1 in 5 Windows users is using either Vista or Windows 7. These users often have newer computers, automatic patching, and firewalls and anti-virus software in place.

With millions of hosts still infected with Conficker, ZBot and Bredo, it is obvious a lot of unprotected machines are still out there, and it is no surprise that most of those are XP.

As the chart above shows, Windows 7 users need not feel left out. They can still participate in the ZBot botnet with a side of fake anti-virus. Windows 7 is no cure for the virus blues, so be sure to bring your protection when you boot up.

, , ,

You might like

2 Responses to Windows 7 vulnerable to 8 out of 10 viruses

  1. Valek (a.k.a "The Ghost") · 734 days ago

    Thank you very much for dispelling MS hype! I am going to post the URL to all the poor Linux muppets who think Microsoft's badly implemented, inferior copy of sudo&root is comparable!

  2. Tim · 474 days ago

    So how does THIS dispell ANYTHING about Linux??? I just you know,... WANNA KNOW how you came up with that??? Where in this article does it say ANYTHING about Linux at all!!!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.