Microsoft blames users for Vista infections

Summary:In countering claims Vista is less secure than Windows 2000, Microsoft has said the 'complacency' of users is to blame for infection rates

Software giant Microsoft has claimed user "complacency" is to blame for malware infections, and denied that its Vista operating system is less secure than Windows 2000.

The claim that Vista is less secure than Windows 2000 was made last week by security vendor PC Tools, which said that over the past six months Vista had suffered 639 unique threats, whereas Windows 2000 has suffered 586. PC Tools's research was conducted by collecting data from customers using its ThreatFire behavioural detection software.

"Ironically, the new operating system has been hailed by Microsoft as the most secure version of Windows to date," said Simon Clausen, the chief executive of PC Tools last week. "However, recent research conducted with statistics from over 1.4 million computers within the ThreatFire community has shown that Windows Vista is more susceptible to malware than the eight-year-old Windows 2000 operating system, and only 37 percent more secure than Windows XP," Clausen said.

However, Microsoft strongly hit back at the claims, blaming users for executing malicious code on their machines. On Tuesday, Technet blogger and Microsoft evangelist Michael Kleef said the number of infections found by PC Tools was an indication of poor user behaviour.

"The number of virus infections found by a virus vendor does not necessarily equal poor security," wrote Kleef in a blog post. "In many cases it equals poor user behaviour. If I, despite all prompting and consent behaviour, choose to go to a (probably dodgy) website, accept the ActiveX control prompts to download (probably dodgy) code and I actually choose to execute that code then I'm hosed."

Kleef claimed the number of infections was not purely the operating system's fault, but said that "in some cases it's the user and their lack of knowledge and their implicit 'it-won't-happen-to-me' complacency" that causes them to get infected.

Kleef's comments followed on from a blog post on Friday by Austin Wilson, the director of Windows Client Security Product Management, which also denied that Vista was less secure than Windows 2000. Wilson said results collected from over 450 million uses of Microsoft's Malicious Software Removal Tool (MSRT) and published in Microsoft's most recent Security Intelligence Report show Vista is more secure than Windows 2000.

"Our results published in the April 2008 version of the Security Intelligence Report show that Windows Vista is significantly less susceptible to malware than older operating systems," wrote Wilson in the blog post. "Using proportionate numbers, MSRT found and cleaned malware from 44 percent fewer Windows Vista-based computers than Windows 2000 SP4 computers and 77 percent fewer than from computers running Windows 2000 SP3."

Topics: Operating Systems

About

Tom is a technology reporter for ZDNet.com, writing about all manner of security and open-source issues.Tom had various jobs after leaving university, including working for a company that hired out computers as props for films and television, and a role turning the entire back catalogue of a publisher into e-books.Tom eventually found tha... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.