Microsoft Security Intelligence Report (SIR) vol. 15

SIR Volume 15: January 2013 to June 2013

The Microsoft Security Intelligence Report (SIR) analyzes the threat landscape of exploits, vulnerabilities, and malware using data from Internet services and over 600 million computers worldwide. Threat awareness can help you protect your organization, software, and people.

One of the more interesting elements of the report deals with infection rates between different Windows operating systems.

The following chart shows the encounter rate in comparison to the infection rate by operating system and service pack. While Windows XP SP3 computers encountered almost as much malware as other platforms, computers running Windows XP as a whole experienced a much higher infection rate. For example, although Windows 8 computers may encounter a similar amount of malware as Windows XP, people who use Windows XP are six times more likely get infected.


Malware Infection and encounter rates for Windows operating systems during 2Q13

A few possible reasons for the higher infection rate on Windows XP are:

  • Antimalware protection may not be active or up to date (more on this hypothesis in the last section).
  • Older technology lacks the protective measures built into more recently introduced operating systems, and therefore is challenged to defend against some attacks.

Windows XP was built more than 12 years ago and was architected to include security technologies that were innovative at the time. For example, Windows XP SP2 was released in 2004 and introduced Data Execution Prevention. However, the threat landscape has changed quite a bit since then and technologies that were built a decade ago, like DEP, are now commonly bypassed. A paper released earlier this year from Trustworthy Computing: Software Vulnerability Exploitation Trends helps illustrate this point. The paper also provides a comparison of security mitigations built into Windows 8 and compares them against the mitigations built into Windows XP.

Newer operating systems are not vulnerable to many of the exploitation techniques that are still widely used and remain effective against older platforms. Newer operating systems include a number of security features and mitigations that older versions were simply not designed for at the time.

Read more about this on the Microsoft website.


SIR Volume 15 Full report, 3.88 MB, 160 pages
SIR Key Findings Summary, 1.09 MB, 24 pages
SIR Worldwide Threat Assessment Report section, 2.91 MB, 106 pages


This entry was posted in Anti Virus, IT Security and tagged , , , , . Bookmark the permalink.