“Microsoft on Monday revealed the results of a 15-month test of its Malicious Software Removal Tool. The utility that seeks out and destroys malware reported malicious programs, or bots, on six out of 10 Windows computers it examined,” Jennifer LeClaire reports for TechNewsWorld. “Microsoft made the announcement at the Tech Ed conference in Boston, leaving little doubt that bots are pervasive on the Internet. Bots are automated programs that scan systems and Web sites. Search engine spiders that crawl the Web are good bots, but hackers use this same technology to control PCs so they can spread spam, attack Web sites or steal a victim’s identity. ‘The malware environment out there is worse than most people even dream of,’ Mike Murray, director of vulnerability research for nCircle, told TechNewsWorld. ‘This report underscores the need for people to understand their security and the need for vendors to work towards security as a goal of their product.'”
“Microsoft scanned 5.7 million consumer and small business PCs on which its Malicious Software Removal Tool was installed between January 2005 and March 2006. The results reveal that about 20 percent of the participating PCs had been cleaned, then re-infected, typically with a different kind of bot. In addition, about 35 percent of the bots were installed after victims opened e-mail or IM attachments, or downloaded data files from peer-to-peer networks. The majority of the remaining bots spread without any required action by the victim,” LeClaire reports. “At least one ‘backdoor Trojan,’ a malicious computer code secretly installed onto PCs, was discovered on 3.5 million computers. That’s 62 percent. Most of the backdoor Trojans functioned as bots communicating over a private messaging channel to a remote attacker.”
Full article here.
“The statistics also show how computer worms never really go away. For example, the ‘Blaster worm,’ which first surfaced in August 2003, is still the 10th-most-removed piece of malware, according to Microsoft. Indeed, Redmond found that in about 20 percent of cases where it removed malware in March 2006, the intruder was something the removal tool had previously nixed. The continued high rate of Blaster infections no doubt is due in large part to the number of people who re-install Windows for whatever reason and do not immediately apply security updates or take other precautions necessary for surfing the Internet with a Windows machine, such as using firewall and anti-virus software,” Brian Krebs writes for The Washington Post.
Full article here.
By the end of 2005, there were 114,000 known viruses for PCs. In March 2006 alone, there were 850 new threats detected against Windows. Zero for Mac. While no computer connected to the Internet will ever be 100% immune from attack, Mac OS X has helped the Mac keep its clean bill of health with a superior UNIX foundation and security features that go above and beyond the norm for PCs. When you get a Mac, only your enthusiasm is contagious.
Connecting a PC to the Internet using factory settings is like leaving your front door wide open with your valuables out on the coffee table. A Mac, on the other hand, shuts and locks the door, hides the key, and stores your valuables in a safe with a combination known only to you. You have to buy, configure, and maintain such basic protection on a PC.
On a Windows PC, software (both good and evil) can change the system without your even knowing about it. In order for software to significantly modify Mac OS X, you have to type in your password. You’re the decider. You approve changes to your system.
People attempting to break into computers may disguise a malicious program as a picture, movie, or other seemingly harmless file. You might download such files from the Web, or get them via mail or chat. A PC just blindly downloads them without a peep. A Mac, however, will let you know that you may be getting a wolf in sheep’s clothing. The Mac web browser, Safari, can tell the difference between a file and a program, and alerts you whenever you’re downloading the latter.
A Mac gets much of this out-of-the-box protection from its open source UNIX heritage. The most critical components of Mac OS X are open for review by a worldwide community of security experts. Their input helps Apple continually make Mac OS X ever more secure. And it’s simple to update a Mac with the latest advances. By default, a Mac checks for updates weekly. For pure peace of mind, you can set a Mac to download security updates automatically. Apple digitally signs the updates, so you can be sure they come from a trusted source.
To get a sense of just how big the virus problem is, search for “virus” at both Apple and Microsoft. Compare the number of results. What’s more, the 100 most virulent attacks cause 99.9% of damage from malicious software. None of these attacks work on a Mac. Don’t you deserve such protection?
More info: 114,000 viruses? Not on a Mac.
Advertisements:
• Introducing the super-fast, blogging, podcasting, do-everything-out-of-the-box MacBook. Starting at just $1099.
• Get the new iMac with Intel Core Duo for as low as $31 A MONTH with Free shipping!
• Get the MacBook Pro with Intel Core Duo for as low as $47 A MONTH with Free Shipping!
• Apple’s new Mac mini. Intel Core, up to 4 times faster. Starting at just $599. Free shipping.
• iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
• Connect iPod to your television set with the iPod AV Cable. Just $19.
• iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.
Related articles:
Microsoft hides fact that ‘Windows Genuine Advantage’ antipiracy spyware phones home every boot up – June 09, 2006
Apple: ‘Get a Mac. Say ‘Buh-Bye’ to viruses’ – June 01, 2006
Mafiasoft launches Windows protection racket – May 31, 2006
Apple Boot Camp’s ‘Windows Insecurity Blanket’ helps buyers decide to switch to Macs – May 19, 2006
Microsoft: recovery from Windows malware becoming impossible; better to to wipe and rebuild – April 04, 2006
FBI: Viruses, spyware, other computer-related crimes cost U.S. businesses $67.2 billion per year – February 01, 2006
Tech writer: ‘virus-and-spyware-prone Windows isn’t the way to go – get a Mac’ – January 31, 2006
eWeek: Intel transition a ‘security non-issue’ for Apple Mac – January 30, 2006
Microsoft Windows virus spreads rapidly; Apple Macintosh unaffected – November 28, 2005
Microsoft apologists and why Apple’s Mac OS X has zero viruses – October 24, 2005
How to avoid viruses and malware? Dump your Windows PC and get an Apple Macintosh – August 22, 2005
ZDNet: How many Mac OS X users affected by the last 100 viruses? None, zero, not one, not ever – August 18, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005
97,467 Microsoft Windows viruses vs. zero for Apple Mac’s OS X – April 05, 2005
68,736 Microsoft Windows viruses vs. zero for Apple Mac’s OS X – March 12, 2005
And I can still hear RealityCheck and Mac and PC Guy saying: we’ve never had a virus or anything like it. Run antivirus and you’re just fine with Windows.
This just PROVES that antivirus progs are USELESS. If 60% and more were infected it is inconceivable none of those ran antivurus progs.
WIndows is an effing DISASTER.
better than searching or googling for virus for Windows/Mac just go to the site: http://www.ciac.org/ciac/bulletinsByType/bul_vendor_list.htm
Concerning what Bill Gates or other Microsoft reprs would reply to the “why do not build a OS as safe as Mac OS X” the answer is the usual BS: “we are as safe if not better than Mac OS X. We get all these attacks because we are the greatest target. If Apple had our market share you would be in even worst situation because they are not used to these kind of attacks”
And believe me, it works with IT, it works with Joe Six Pack, it works with the average Windows user. They truly drink this BS from MS.
Concerning the usual “I use Windows, I know how to pamper it and protect it, I never got a virus”: it means absolutely nothing. The answer is in the large numbers. When you get a large sample of Windows installation there is 100% certainty that whatever the protection in place, hundred of thousands of users will be infected. AND no, it is not silly users but most of them are in corporation with BILLIONS of dollars spent is protections, firewalls, IT working 100% of their time to protect their park and still they get creamed EVERY TIME.
So to all single Windows user coming here and saying “all exaggeration, I never had a virus”, sorry pal, you are irrelevant. Go explain that to all those corporate institutions shut down by every new coming virus that they should hire you instead of their teams tens-strong of highly paid MS techies graduate. THEY are helpless, go help them.
Get real!
How many times have we read “Company X saved by their Department Y using Macs. ALL others were creamed by virus Z”
Finally, the comment People who have pc knowledge do just find with windows. People who are newbies, grandmas, kids, those who don’t know a cd holder from a cup holder should be given a MAC. is so out of touch with reality it is amazing anyone with a grain of salt could have formulated it.
Are you smoking? You truly believe it is enough to have PC knowledge to avoid malware? HAHAHHAHHHUEHUHUHUAHHAHAHAHAHA
That explains why Windows users infection is around 60 % or more every time. They are so amazingly naive!
Baby, systems in places like CERN, ESA, Imperial College, University of Berkeley, the US Coast Guards, banks all over the world, get corrupted and infected and PCs need to be removed from their network to be cleaned up. All Moms and Pops working there?
yes, Microsoft’s numbers show it finds malware once in every 311 scans or, for the mathematically challenged, 0.32% of the time.
One way to look at this is that roughly at any given point in time 0.32% of PCs which are set up to use the tool have malware. hardly what the average Head Up Arse Mac User would have you believe.
The 62% number is that the Bot was found on 62% of the 0.32% that were compromised, or 0.20% of actual scans.
And in case the Apple users don’t understand, this software is free and runs automatically on an XP SP2 system (as it comes out of the box).
gagravaar, following your logic, “Even the best anti-virus/spyware/trojan application doesn’t get them all” if you don’t run ANY antivirus, how do you know a super secret Mac virus isn’t running on your Mac, just waiting for it to be activated by the signal from Bill’s black helicopters?
“People attempting to break into computers may disguise a malicious program as a picture, movie, or other seemingly harmless file. You might download such files from the Web, or get them via mail or chat. A PC just blindly downloads them without a peep”
You can’t be serious believing that. Go use an XP SP2 PC, see what it actually does.
No koolaid here:
You said: “Vista is going to address most of the criticisms expressed here regarding important system files being changed without the users knowledge.If it’s a locked down as some beta testers have suggested, I can’t see what your complaint is.”
Vista beta had 10,000 viruses/malware for it the DAY IT WAS RELEASED! Yeah, sounds like Microsoft is working overtime – to develop its own subscription malware protection racket. As for securing the OS, it will never happen. Especially once Microsoft starts getting users to subscribe to services from Microsoft to protect them against products by Microsoft.
What’s wrong with that picture?
virus, you need to reread the article. The tool has been installed on 5.7 millions PC. Over a period of 15 months the tool “reported malicious programs, or bots, on six out of 10 Windows computers it examined”.
And that is 60% of the PCs where the tool was installed.
“about 20 percent of the participating PCs had been cleaned, then re-infected, typically with a different kind of bot”
“about 35 percent of the bots were installed after victims opened e-mail or IM attachments, or downloaded data files from peer-to-peer networks”
“At least one ‘backdoor Trojan,’ a malicious computer code secretly installed onto PCs, was discovered on 3.5 million computers. That’s 62 percent.”
You are smoking crack as usual. And as usual, Windows users are totally blind when talking security.
wait virus, you were kidding right? No one could be so stupid!
62% of the 0.32% that were compromised
LOL, it is 3.5 Millions PC out of the 5.7 Millions where the tool was installed, Stoopid!
No iPodder, virus simply believed the sample was the entire population of PCs in the world, that is, just another Head Up Bill’s Arse Windows User.
Nothing new to report. Windows users are infected by the truck loads, the very Microsoft tests over 5.7 millions PCs shows a rate of 60% infection, a rate of 20% RE-infection, a rate of 35% of bots having infected via means that should be totally safe – as they are on the Mac – a 62% of presence of a backdoor for stealth infection and the average Windows idiot spouts: “EXAGGERATION, it is 62% of the 0.32% that were compromised”
IDIOT, it is 3.7 Millions infected out of a sample of 5.7 !!!!!!!!!!!!!!!!!!!!!!
Q: Does it sux to be so frigging moronic in the Windows world?
A: No, they are proud to be MORONS
“Microsoft scanned 5.7 million consumer and small business PCs on which its Malicious Software Removal Tool was installed between January 2005 and March 2006. The results reveal that about 20 percent of the participating PCs had been cleaned, then re-infected, typically with a different kind of bot. In addition, about 35 percent of the bots were installed after victims opened e-mail or IM attachments, or downloaded data files from peer-to-peer networks. The majority of the remaining bots spread without any required action by the victim,” LeClaire reports. “At least one ‘backdoor Trojan,’ a malicious computer code secretly installed onto PCs, was discovered on 3.5 million computers. That’s 62 percent.”
Read the above ten times before meals till you know it by heart.
MICROSOFT sampled 5.7 Millions PCs and found not less than 3.5 Millions INFECTED. THAT’s 62%.
And the announcement shocked the audience. I wonder why, since at peak infection for major virus strikes the number of PC infected is about… you guessed… 60% !
Nice to see Microsoft confirms they SUCK!
Nice to see Microsoft confirms they SUCK!
Nice to see average Windows user Virus confirmed Microsoft excuse (Balmer and Gates comments) for their infection rate: “our problem is our Windows user base. You cannot protect yourself from dumb users”.
But no Virus, we know it is not the fact that you are dumb at fault, as Microsoft Head Up Arse Executives want us to believe. We know it is because THEY SUCK!
and – of course – iPodder – Microsoft *scanned* 5.7 Millions PCs where the tool was installed over a period of 15 months. But I get from your posting that you had that understood anyway.
We do not know how many PCs are currently running the tool but the 5.7 Millions sample is not bad in a population of some ~200 Millions PC. Actually quite a large sample that would allow to conclude that at least 120 Millions PCs in the world have a corruption/infection of some kind.
Way to go MicroSUCK!
BTW Virus, the results tell you that you have 6 chances out of 10 to have – unknowingly – a stealth infection.
How do you think cracker can sell PC zombies by the hundred of thousands at the time for hefty dollars? Where do you live? in an asylum?
P0WNED
I cuddle my poo!!!
Guys… I hate to break it to you, but Virus is right. I went and looked at the raw data which is available here:
http://download.microsoft.com/download/3/d/e/3de2470b-ab9a-4a7f-b760-ee2421df294a/WindowsRemovalToolWP.doc
According to Microsoft, 270,000,000 unique computers were scanned… not a sample… ALL of them. Of those 270 million, only 5.7 million were found to be infected and cleaned. That is about 2.1% of all computers scanned.
Of those 5.7 million, 3.5 million were infected with a Trojan as well as the other malware. That is the source of the 62%…
62% of the only the malware infected computers also carried a Trojan… not 62% of the entire population of scanned computers.
It is actually only ~1.3% of the entire population of 270 million that carried a Trojan.
The AMAZING thing is that there is not ONE class-action lawsuit, even though this M$ sh*t is costing BILLIONS in damage every year.
ahh yeah, the iPod has some scratches and how many cclass-action lawsuits were filed.
Is this evidence that PC people are just less intelligent?
Swordmaker, sorry but it does not add up. According to the article on TechnewsWorld Microsoft 5.7 Million computers were scanned out of the 270 Millions of installs. This last is the number of computers where the tool has been installed. And also this figure is amazing. The article also mentions data from “participating PCs” and “participating consumers and small business”. In addition, the user can choose for the tool NOT to report back to Microsoft.
All above points to the fact that data where not collected from ALL installations: “The utility that seeks out and destroys malware reported malicious programs, or bots, on six out of 10 Windows computers it examined”.
Comments from experts reflect a situation that is bad: “The malware environment out there is worse than most people even dream of” that would not be consistent with a figure of only 0.32% infection. That would be phenomenal security, even better than Unix.
“This report underscores the need for people to understand their security and the need for vendors to work towards security as a goal of their product.” With 0.32% infection the comments would be “We have won the war against malware!”
TechNews titles: “Disturbing Figures
Microsoft scanned 5.7 million consumer and small business PCs on which its Malicious Software Removal Tool was installed between January 2005 and March 2006. “
0.32% a disturbing figure? The disturbing figure is the confirmation – and admission by Microsoft at the Tech Ed in Boston – that the rate of infection is around 60%.
In addition to that, 270 Millions computers and the doc reports installs on computers running Windows XP, Windows 2k and Windows Server 2003. Of those Windows versions, only XP is possibly in the hands of consumers, the rest is the segment of “participating businesses”.
The same doc states that when the tool finds a possible infection it prompts the user to send the results to Microsoft. The user can deny that.
All above means that it is simply impossible and statistically meaningless to think that the sample is the entire installed base of the tool.
It points though to where Virus got his numbers so at least he has not invented them – so sorry for having made fun of you pal, part of the game – but remains that when you read something you must have a critical eye and people at the Boston tech event where flabbergasted by the BAD results, not happy for an amazing 0.32% infection rate.
Clearer now?
First off, you need to know what MSRT doesn’t do. It doesn’t protect you against every known form of malware. And it doesn’t scan your hard drive for files containing malware the way antivirus software does. Instead, it scans your system’s memory for any evidence of currently running malware found on a list Microsoft maintains and updates regularly.
MSRT can’t do everything antivirus software does, so if there are other instances of that entity stored in files on your hard drive and not yet activated, MSRT won’t detect or wipe them from your system. And if the active entity has infected or damaged other files on your system, MSRT won’t detect this either or try to repair them.
So not only MSRT found that 6 out of 10 of the participating PCs (ie scanned) are infected, it does not detect all possible infections.
Not surprisingly the report at the Tech Ed in Boston was “disturbing”
I wonder what would then be the percentage of infected PCs… 100% ?
It only has checks for 4 (FOUR) virus: Dumaru, Gael, Magistr, and Parite.
The rest is essentially email worms and backdoor trojans.
the 0.32% rate is the number of MONTHLY cleaned computers out of the installed base, one every 311 computers every month which amounts to some 800k infections every month. This number has been roughly consistent from July 05, when MS started to collect data from participating PCs. The tool was first released on Jan 05 but from Jan 05 to June 05 MS was not collecting *any* data from any one.
To say the least, since MS does not receive data from the all 270 millions PCs the derived percentage is just a MS spin-doctor to make so that careless readers get the impression that the results are actually good.
To reinforce the analysis of the report. From BBC News of the 21st August 2003:
The Sobig Windows virus that overwhelmed e-mail inboxes around the world is one of the fastest growing viruses ever.
E-mail filtering firm MessageLabs said it had intercepted more than a million copies of Sobig F in 24 hours, more than for any other virus.
Net service giant AOL said it had stopped more than 23.2 million copies of the virus since it first appeared on 18 August.
So, I stress the figure: 23.2 MILLIONS copies of the virus reported.
Do you want to know how many computers MSRT reports as being cleaned by Sobig? 6371 !!!!!!!!!
Still convinced the report is from data coming from 270 Millions PC?
To the tally of Sobig there are then some 23.1 MISSING.
Get real.
Another interesting comment from Microsoft reported in Boston:
“… most of the removals are from Windows XP SP2, with Windows XP composing 89% of all removals by the tool. This high number
of disinfections from Windows XP SP2 computers is expected because most of the executions of the tool are on Windows XP SP2
computers.”
Windows XP SP2 is supposedly greatly and vastly more secure than other versions (non SP2 or ME, or 98, 2k, you name it, which still are the majority out there). And still, it makes for 89% of entries of the infected PCs. Also from this one could get that MSRT data do not come from “at least 270 Millions PCs”.
Sorry for the multiple posts, this is my last to reinforce the main message: it is a SMALL sample result.
Again from Microsoft: “The tool is also available for deployment through
Windows Server Update Services (WSUS). […]. The tool does not transmit any information back to Microsoft on computers that are updated by a WSUS server.”
Hence, once again, 270 Millions is the installed base of the tools. A small part of these, “participating users and businesses”, have reported data back to Microsoft and the results are that “6 out of 10” have reported infections.
Peace