Microsoft: Windows 7 is way more exposed to ransomware than Windows 10

For those of you who've avoided upgrading to Windows 10 so far, Microsoft has offered some scary ransomware numbers to prove it's in your interests to do so.
Written by Liam Tung, Contributing Writer

Microsoft's data shows Windows 10 devices have fewer ransomware encounters than Windows 7 devices.

Image: Microsoft

If you want to escape the clutches of ransomware, the best thing you can do is install the Windows 10 Anniversary Update, according to Microsoft.

Microsoft says there's been a 400 percent rise in ransomware encounters affecting Windows since 2015, but older versions of Windows are more exposed to it and more prone to actual infection after an encounter. Microsoft says it has "made Windows 10 Anniversary Update the most secure Windows ever".

Devices on Windows 10 are 58 percent less likely to run into ransomware than Windows 7, Microsoft argues in a new white paper detailing in-built defenses against the extortion-ware.

Ransomware arrives either through email or the browser, both of which Microsoft has battened down in Windows 10.

In July, Microsoft counted 58 million attempts to use email to infect customers with ransomware, while its SmartScreen Filter blocks on average 200,000 automated attacks over the web from so-called exploit kits that deliver ransomware, according to Microsoft.

Better overall security has been one of Microsoft's main arguments for users to upgrade to Windows 10, but the company highlights a number of additional security improvements unique to the Anniversary Update.

Microsoft hopes better protection from ransomware motivates Windows 7 users to upgrade even though it now costs $120 to do so, after its free update period expired in August.

Edge on the Anniversary Update works to prevent exploits from downloading and running malware, such as ransomware, on the device, Microsoft says.

In other words, if hackers find the first zero-day exploit for Edge, it will still be difficult to run malware on the compromised device.

Edge now also places Adobe's frequently-targeted Flash Player in an application container to shield attacks on it from having an effect on the browser itself.

Microsoft has in addition added new protections for the Windows kernel to prevent attacks on Edge reaching the core of Windows.

"In the Windows 10 Anniversary Update, we limited the ways in which system calls can be used by Microsoft Edge, which increases the likelihood that a successful Microsoft Edge exploit will not escape the browser's sandbox and harm the rest of the system, including your important data," Microsoft notes.

Windows Defender has also been upgraded over the past six months, in particular in blocking and analyzing malicious attachments. According to Microsoft, it's reduced Windows Defender's miss rate "considerably" and so improved its ability to protect inboxes.

Microsoft doesn't quantify how much it's improved, but Windows Defender hasn't always performed well in tests by antivirus testing firm AV-Test. Russian antivirus firm Kaspersky drew attention to Windows Defender results in a complaint to Russia's competition authority over Microsoft allegedly giving preference to Windows Defender over superior rival security products.

Microsoft says Windows Defender is now faster at responding to previously unseen malware and that it doesn't need a definition for each piece of malware to react. This capability was enabled with a feature called Block at First Sight, introduced with the Windows 10 Anniversary Update.

"By improving these behavioral heuristics, we more effectively protect against ransomware, blocking 15 percent of ransomware threats detected in July 2016 this way. The remaining 85 percent were blocked using traditional signatures and cloud-based protection," Microsoft says.

Read more about Windows 10

Editorial standards