Microsoft: SP2 makes Windows 15 times safer

A Redmond security guru also says spyware could be responsible for up to one-third of all Windows crashes.

Computers running Windows XP Service Pack 2 are 15 times less likely than those running XP or XP SP1 to be infected by some of the most dangerous forms of malware, according to a Microsoft security guru.

Jason Garms, who heads the company's anti-malware product team, said Tuesday that this improvement had been revealed by an internal analysis of SP2's performance.

SP2--a major security update released in August--was designed to turn on auto-update by default and consolidate security controls into a "security center."

"A machine that had Windows XP or XP SP1 was 15 times more likely to have one of the highly prevalent top 20 worms installed than on a machine running XP SP2," said Garms, who spoke at a conference sponsored by Australia's national Computer Emergency Response Team, or AusCERT.

He said that the default turning-on of auto update had made a dramatic difference to users. "Within days of Microsoft releasing a patch," he said, "the vast majority of the Windows ecosystem is up to date."

Garms also revealed that Microsoft is planning to release an enterprise version of its anti-spyware tool, which is currently available in beta form on the company's Web site. However, he would not reveal when the new tool would be available, or whether it would be a free utility or sold as a separate application.

"It is currently in our plans (to have) an enterprise offering that addresses spyware," Garms said. "The product and packaging details are still to be decided."

He added that spyware could be responsible for up to one-third of all Windows crashes, citing data culled by the Windows error reporting tool, which sends data back to Microsoft when an application crashes.

"The primary problem that users have with spyware is that their systems crash or are really slow or don't behave in the way they expect them to," Garms said. "We try to figure out how many of the crashes that are reported to us are actually attributable to spyware, and it turns out that at least one-third of those machines had spyware installed on them, so it is a big problem."

Garms noted that people are more worried about their computer behaving erratically and running slowly than they are about being spied upon by malware.

"Some people will have you believe that the primary impact of spyware is the spying on your systems, but that is the secondary impact of spyware," Garms said. Spyware causing crashes and erratic behavior "are the things that generate user help desk calls."

Munir Kotadia reports for ZDNet Australia.