Using data collected from computers worldwide, the company found that when it comes to browser attacks - the most common type - only six per cent targeted the Vista operating system, compared to 42 per cent with Windows XP.
"We have seen significant improvements in Vista with vulnerabilities," Bret Arsenault, general manager of the National Security Team at Microsoft, told vnunet.com.
"We are seeing very good improvements with the newer software. These results show just how good it is, particularly as the data has been normalised between the two operating systems in light of the installed base."
The report also found that, although malware rates are up 43 per cent so far in 2008, malware that targets the operating system is an increasingly small part of the overall problem. More than nine out of 10 vulnerabilities found in the first half of 2008 were for applications, not operating systems.
The most common forms of malware Microsoft detected are still Trojans, but the sophistication of code is increasing. Arsenault said that the firm had detected some polymorphic code that changed itself 571 times in a single day to avoid detection.
Viruses are increasingly uncommon, he said, as hackers look to financial rewards rather than kudos from their peers. Brazil still has a significant problem with worms, however.
But it is China that is now at the forefront of malware attacks. Nearly half of all browser-based exploits were found in the country, compared to under a quarter in the US.
Overall, enterprises are getting much better at deploying patches quickly, Arsenault said, but there is still a job to do in educating users.
"Guidance is as significant as technology," he said. "You have to look at it across the spectrum, so we have developed an educational awareness programme with free kits and assessment tools to teach people how to be safer."
Microsoft claims success with Vista security
By Iain Thomson on Nov 4, 2008 6:47AM