Malware pain for my users

While many of my users have run into snags with malware requiring a thorough cleaning (and a few requiring reformatting), most have largely avoided the extensive infestations that plague so many Windows users. By and large, they are a safe bunch of surfers, use Firefox for web browsing, don't bother with P2P apps or instant messaging, and spend a lot more time in PowerPoint than they do online.

While many of my users have run into snags with malware requiring a thorough cleaning (and a few requiring reformatting), most have largely avoided the extensive infestations that plague so many Windows users. By and large, they are a safe bunch of surfers, use Firefox for web browsing, don't bother with P2P apps or instant messaging, and spend a lot more time in PowerPoint than they do online. They run Clamwin and Ad-Aware from time to time and, as long as they are behind our firewall, they also have gateway anti-malware protection.

That being said, two of my users in as many days have come to me with computers that look more like they belong to teenage boys with unfettered broadband access instead of middle-aged women whose big online adventures include trips to eBay and YouTube. One was running Panda Internet Security Suite (not my favorite, but generally pretty effective; she'd purchased her own computer, so her choice in anti-virus was a religious issue), while the other was running McAffee and Windows Defender.

The problem is not the users in this case. Rather, it's simply the sheer volume of malware floating around for Windows XP. As Rich Mogull points out in a recent article on anti-virus apps for Macs,

The reality is that today the Mac platform is relatively safe. There are hundreds of thousands of viruses and other malicious software programs floating around for Windows, but less than 200 are known to target the Mac, and many of those are aimed at versions of the Mac OS prior to Mac OS X (and thus have no effect on a modern Mac).

It's not that Mac OS X is inherently more secure against viruses than current versions of Windows (although it was clearly more secure than Windows prior to XP SP2); the numerous vulnerabilities reported and patched in recent years are just as exploitable as their Windows equivalents. But most security experts agree that malicious software these days is driven by financial incentives, and it's far more profitable to target the most dominant platform.

Believe it or not, this isn't a pro-Mac piece from a newly converted Apple devotee. Rather, it's meant to bring attention to a few key ideas.

  • First, malware continues to explode for Windows XP; anti-malware software is certainly not optional, even for "safe surfers."
  • Secondly, non-XP platforms are becoming a must to avoid the ridiculous numbers of malicious programs aimed at XP. Whether this means Vista, OS X, or Linux, XP is increasingly a less viable solution as constantly-running anti-malware software consumes system resources and is only marginally effective. This is one of the biggest reasons that I rail against the idea of installing stripped-down versions of XP on the new crop of educational laptops; none of these could handle the processing requirements of serious anti-malware applications and are simply too vulnerable when running XP.
  • Finally, the reality is that any platform that gains considerable market share will be at risk. This will obviously become a larger issue for Vista soon enough. Will it ever become an issue for the Mac or Linux? Talk back below and let us know what you think.