20 Years of Innovative Windows Malware

snydeq writes "InfoWorld's Woody Leonhard takes a look at the past 20 years of innovative Windows malware — an evolution that provides insights into the kinds of attacks to come. From macro viruses, to interstitial infections, to spray attacks, to industrial espionage, 'there's been a clear succession, with the means, methods, and goals changing definitively over time,' Leonhard writes, outlining the rise of Windows malware as a succession of ingenious breakthroughs to nefarious ends."

Re:Let the windows hate begin

You know what else are huge targets, and far more valuable than windoze boxes? LAMP servers.

You're a moron.

Re:Let the windows hate begin

[DocSavage64109]

yes, because nobody has ever stolen credit card numbers from a LAMP server.

20 years!

[KevinColyer]

Why have we put up with 20 years of Windows virus's for so long?

TWENTY YEARS!

What a complete waste of time. And my time is worth much more that the paltry licence fees I have shelled out over the years!!!

Is there any way to say that this is not an epic fail for the Win16/32 platform? On other platforms (Mac, Linux, other Unix's) the total amount of malware is hardly about 100 items in that time... Even if it is around 1000 (I really don't know) it is insignificant in comparison.

I have had not one malware issue in ten years of hosting Linux servers and five years as a Desktop OS on multiple PC's. My last Windows issue was a false positive: AVG thinking it had found a torjan in hal.dll and "healing" it. Thanks AVG. Several hours of work to restore that machine... (the re-imaging broke).

No Windows on every one of my desktops thanks!

Re:Let the windows hate begin

[pandrijeczko]

System security shouldn't be something users should ever have to worry about. While it's true making a perfect lock is impossible, Windows security until 7 has basically been a giant sign that says, "Please don't own this box."

Absolute rubbish! And that's coming from me, a mostly Linux user.

Microsoft made some design mistakes in Windows and cocked up on marketing making people believe that it is entirely possible to use Windows as an inexperienced user and never have to worry about security. In Vista they tried to counteract that bad information by annoying everyone with "in your face" security reminders called UACs, realised they'd gone too far with that and backed off a little in Windows 7. (And that *really* is the extent of my Vista and Windows 7 knowledge because I've not yet used either.)

But even up to and including XP, if it's patched up to the latest Service Pack and patch version, has a firewall activated, a virus checker and sits behind a NAT router on the Internet, then that system is going to be pretty safe just sitting there.

The fact is, that XP machine will get viruses and malware because an inexperienced user has not understood what he's doing or has been tricked into clicking something he should not have done. Sorry, but if you insist on downloading cracked games and cracked software from BitTorrent, then you're going to be putting viruses onto the machine that will end up trashing it, it's that simple.

But, on the other hand, if you get rid of applications like Outlook and IE that hook deeply into the core system, replace them with standard applications like Thunderbird and Firefox (or countless other web and mail clients) that sit *on top* of Windows, rather than *within it*, then that's already going to block a lot of malware getting onto the system in the first place. Then take care with email attachments, stay aware from dodgy software and sites, and like me you'll have several XP systems that haven't seen a virus in years.

Ever OS (yes, even Linux) has security weaknesses that can be opened up by a user who is not sure about what he/she is doing.

Windows is *not* an easy system to maintain, XP needs as much care and attention from an administration and day-to-day maintenance perspective than anyone of my Linux servers do, maybe even more so in my case because I'm much better at automating stuff in shell/Perl scripts on Linux than I am on Windows.

But it's got its bad security reputation because Microsoft made some poor marketing decisions and aimed it at people who believe they don't need any sysadmin skills to maintain it, and your comments don't honestly do any justice to the number of really good Windows sysadmins who make a pretty good job of keeping it secure, in my experience.