Windows 7 fails to stop eight out of ten viruses

Microsoft's Windows 7 is vulnerable to eight out of ten viruses.

According to a blog post by Sophos senior security advisor Chester Wisniewski, SophosLabs loaded a full release copy of Windows 7 on a clean machine on 22nd October and configured it to follow the system defaults for user account control (UAC) and did not load any anti-virus software.

However, after using the next ten unique samples that arrived in the SophosLabs feed to see how well the newer, more secure version of Windows and user account control (UAC) held up, Wisniewski claimed that Windows 7 disappointed just like earlier versions of Windows.

“The good news is that, of the freshest ten samples that arrived, two would not operate correctly under Windows 7,” said Wisniewski.

“UAC did block one sample; however, its failure to block anything else just reinforces my warning prior to the Windows 7 launch that UAC's default configuration is not effective at protecting a PC from modern malware.”

A netmarketshare.com report on October 31 stated that Windows Vista has a 19 percent market share against Windows XP's 70.5 percent and Windows 7's two percent.

Wisniewski said: “Approximately one in five Windows users is using either Vista or Windows 7. These users often have newer computers, automatic patching, and firewalls and anti-virus software in place. With millions of hosts still infected with Conficker, ZBot and Bredo, it is obvious a lot of unprotected machines are still out there, and it is no surprise that most of those are XP.

“But Windows 7 users need not feel left out. They can still participate in the ZBot botnet with a side of fake anti-virus. Windows 7 is no cure for the virus blues, so be sure to bring your protection when you boot up.”

Richard Kirk, European director of Fortify, claimed that the fact that Windows 7 is vulnerable to 80 percent of viruses comes as no surprise.

“Wisniewski's observations that, on a clean machine, Windows 7 became infected with eight out of the ten viruses tested sounds bad, but in our opinion, this is indicative of the sheer volume of code that goes into operating systems today," Kirk said.

“When you factor in the issue that there are often more than a million lines of code in a typical Windows application, you begin to understand the scale of the problem for software developers.”

He went on to say that since there is a range of free-to-use anti-malware applications - as well as a plethora of low-cost pay-for IT security suites available - the problem is not a major one for most Windows 7 users.

Kirk said: “The volume of code-auditing and checking that is required for a modern operating system and its applications software is a big deal, however, and one that companies using customised or in-house-developed applications should be aware of."

See original article on scmagazineuk.com