Microsoft study: fewer vulnerabilities, but more are critical and more easily exploited
The infection rate of Windows Vista with SP1 is 4 per cent, just half the 8 per cent recorded for Windows XP with SP3. This is one of the results from Microsoft's six-monthly Security Intelligence Report. The report analyses the statistics provided by the Malicious Software Removal Tool (MSRT), which checks computers for infection; an updated version of MSRT is sent out each patch day. Microsoft also includes data from the vulnerability report produced by the National Institute of Standards and Technology (NIST).
Where the 64-bit version of Vista is used, the infection rate drops to just 2 per cent. The various security barriers in Vista clearly make it considerably more difficult for malware to establish itself within the system. These include User Account Control (UAC), Integrity Levels, Kernel Patch Protection and Address Space Layout Randomisation. Independent security specialists such as Thomas Dullien have previously expressed the opinion that Vista is the most difficult mainstream operating system to hack.
Otherwise the study does not present anything significantly new, but merely confirms trends evident in previous studies: an increasing amount of malware alongside an ever-decreasing number of vulnerabilities in Microsoft products. Nonetheless, the proportion of vulnerabilities classified as critical has risen to 48 per cent, and 56 per cent of those are relatively easy to exploit.
In addition, the trend for the operating system to be less and less the target of attacks continues: applications are increasingly the entry points for criminals, and it is mostly applications produced by other vendors that contain the vulnerabilities. Ninety per cent of vulnerabilities were found in applications. The recently fixed vulnerability in the Windows Server/RPC service represents an infamous exception, especially as exploit code was in circulation so quickly. According to Microsoft, over the first six months of 2008 there were public exploits for 32 per cent of all bugs in Microsoft products. According to Microsoft's tests, only just under 11 per cent of these exploits worked reliably.
The browser remains the most popular target for criminals, at least under Windows XP, where 42 per cent of attacks were directed at the browser. It's a different story under Vista, where, according to Microsoft's observations, third-party applications were responsible for 94 per cent of intrusions. Chinese users are the most frequent victims of browser-based attacks: according to the report, 47 per cent of all intrusions into PCs via browsers occur on Chinese computers, while only one in four occur on US PCs. Interestingly, the two most frequently reported browser exploits target two-year-old vulnerabilities in XML and MDAC.
The complete report can be downloaded from the Microsoft website: