Slashdot Mirror


Microsoft: One In 14 Downloads Is Malicious

alphadogg writes "About one out of every 14 programs downloaded by Windows users turns out to be malicious, Microsoft said Tuesday. And even though Microsoft has a feature in its Internet Explorer browser designed to steer users away from unknown and potentially untrustworthy software, about 5% of users ignore the warnings and download malicious Trojan horse programs anyway. IE also warns users when they're being tricked into visiting malicious websites, another way that social-engineering hackers can infect computer users. In the past two years, IE's SmartScreen has blocked more than 1.5 billion Web and download attacks, according to Jeb Haber, program manager lead for SmartScreen."

40 of 290 comments

  1. NEWSFLASH: Some People are Terminally Ignorant by h4rr4r · · Score: 2, Insightful

    These are the same folks that only change the oil in their cars when the warning light comes on.

    1. Re:NEWSFLASH: Some People are Terminally Ignorant by Chrisq · · Score: 2

      These are the same folks that only change the oil in their cars when the warning light comes on.

      Or in the case of my brother-in-law when my sister said the light was on, covered the warning light with a bit of tape so it wouldn't annoy her. She carried on driving until the engine seized up.

    2. Re:NEWSFLASH: Some People are Terminally Ignorant by h4rr4r · · Score: 3, Funny

      I had a boss once drive in circles in the parking lot with the hood up, to cool an overheating engine.

    3. Re:NEWSFLASH: Some People are Terminally Ignorant by petermgreen · · Score: 2

      The problem is for a home/SMB user (who can't/won't pay for professional IT to make the decisions) the only real alternative would be to have those decisions made for you by a corporate overlord like Sony, MS or Apple.

      Experience from smartphones and games consoles shows that when corporate overlords make those kind of decisions they don't always have their users' best interests at heart.

      --
      note: I'm known as plugwash most places but I screwed up registering that here somehow in the past and now can't register
    4. Re:NEWSFLASH: Some People are Terminally Ignorant by DJLuc1d · · Score: 2

      TDSS Killer. I've seen that one dozens of times and it *almost* always works. Congrats to your boss on getting a rootkit.

    5. Re:NEWSFLASH: Some People are Terminally Ignorant by ColdWetDog · · Score: 2

      Oh, and I would have zero problems with a requirement - worldwide - that says to connect a "general-purpose" computer to the Internet you have to have a license of some sort. Something you have to prove your qualifications to get.

      This works so well for roadways. In general, Jersey barriers are the only things between you and the afterlife. Thank God for concrete.

      --
      Faster! Faster! Faster would be better!
  2. "Malicious" by Anonymous Coward · · Score: 5, Funny

    On the list of malicious files, as determined by the Microsoft Corporation:

    - Google Chrome
    - ubuntulinux.iso
    - antivirusotherthansecurityessentials.exe
    - iTunes
    - *ipod*.exe
    - gmail.com/index.html

    1. Re:"Malicious" by Missing.Matter · · Score: 4, Insightful

      antivirusotherthansecurityessentials.exe

      I know you're joking, but this one is pretty close to the truth. Norton and McAfee do more to slow down computers than actual malware does.

    2. Re:"Malicious" by Tanktalus · · Score: 3, Interesting

      This is what I call the second Microsoft Tax. The first one is the extra ~$30-$60 you pay on your computer that goes to Microsoft for their OS (prices assume it's a new rig with the OEM version pre-installed). The second one, this one, is the extra money you spend on CPU cycles and RAM to run the anti-malware software so that you still have as much CPU power/RAM as you need for what you really bought the computer for.

    3. Re:"Malicious" by mr1911 · · Score: 2

      Sadly my brother is one of those and I spend a lot of time cleaning-up his computer, because he just clicks "yes" to everything. I don't think he even bothers to read the warning.

      Quit cleaning his computer. Otherwise he has no incentive to change his behavior.

      --
      This post comes with a double-your-money-back guarantee!
      Any offense taken to this post is at your sole discretion.
    4. Re:"Malicious" by Gilmoure · · Score: 2

      NetBSD: Full Speed Ahead!

      --
      I drank what? -- Socrates
  3. Here is the list of top 5 malicious Downloads. by LWATCDR · · Score: 5, Funny

    1. Ubuntu
    2. Firefox
    3. Chrome
    4. OpenOffice
    5. VLC

    --
    See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
    1. Re:Here is the list of top 5 malicious Downloads. by DrScotsman · · Score: 3, Interesting

      The grandparent was listing jokes, not actual malicious software.

      Of course I jest, but which other Windows program anywhere near as popular brings up UAC prompts out of nowhere in the way Java updater does without even being "opened"? I bet Java is partially to blame for a huge number of users blindly clicking "Yes" to all UAC prompts - in the average user's eyes it just won't stop prompting until you accept its damn update.

    2. Re:Here is the list of top 5 malicious Downloads. by Anonymous Coward · · Score: 3, Funny

      Call an engineer. The sense of humor module on the vistapwns bot has crashed again.

    3. Re:Here is the list of top 5 malicious Downloads. by Inda · · Score: 2

      It's funny because it's true!

      Only it's not, like you say.

      I've been guilty of steering threads by using all five (yes, I only get five) mod points on the first post, and the following child posts. It's gaming the system and gaming the other users with mod points - they blindly mod up if they see a post that's been modded previously. I know it's wrong but I've been here a long time and I don't care.

      I have five mod points today. I promise I'll do good with them.

      --
      This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
    4. Re:Here is the list of top 5 malicious Downloads. by thePowerOfGrayskull · · Score: 2

      I would say that UAC is to blame, since you get prompted to install or update any software. Since you obviously want the software, of course you're going to authorize it. This has the unfortunate effect of rendering UAC useless - people get used to allowing every time it asks, because they need to in order to complete the task at hand.

  4. Really? by Random2 · · Score: 4, Funny

    I didn't realize IE was downloaded so frequently.

    --
    "Our goal each year should be to increase the number of goals we set for ourselves!"
  5. Why by mehrotra.akash · · Score: 2

    Why does MS even have these stats?

  6. By Windows users, or by IE users? by mehrotra.akash · · Score: 2

    "About one out of every 14 programs downloaded by Windows users turns out to be malicious, "

    Windows or IE?

    If Windows, how are they collecting these stats?

  7. Comment removed by account_deleted · · Score: 4, Insightful

    Comment removed based on user account deletion

  8. Well, in fairness ... by gstoddart · · Score: 5, Insightful

    Despite Microsoft's attempts to completely nanny people, they've almost taken it too far ... which means that people start ignoring/disabling the warnings.

    The other week I launched IE on a new server install ... the very first warning message is "You are about to access the internet, and people can see what you do" -- which gets a "do not show me this again" before I dismiss.

    As soon as you submit into a search engine, you get told "You are about to submit something on the internet, are you sure" -- which also gets a "do not show again".

    By the time I tell it I don't want it to save passwords, autocomplete forms, and that, yes, I really do want Google as my default search ... well, I've stopped listening to anything "helpful" IE is telling me.

    I rank the utility of the stuff that MS has "designed" to make IE safe right up there with the error messages that amount to "something bad has happened, contact your admin" --- oooh, that's informative. And, since I'm the admin ... give me some f'ing idea as to what went wrong so I can try to fix it.

    Microsoft build in really pedantic and lame safeguards, which get turned off and/or ignored for the rest of time since they don't actually do anything useful.

    --
    Lost at C:>. Found at C.
  9. This can't be right by Riceballsan · · Score: 2

    Seriously only 5% of people ignore warnings? I would have to say about 75% of people I have seen download regardless of if you say "warning this will completely reduce your computer into a pile of steaming dung" in exchange for a screensaver with kittens, and then if you cut it down from that to IE users... well then I'd put that number closer to 95% would ignore the warnings.

  10. I've ignored the warnings... by wilgibson · · Score: 3, Insightful

    and yes that means I use IE. But, when it consistently tells me things like Downloader_Diablo2_enUS.exe can harm my computer after downloading it from battle.net I tend to not believe in its ability to really determine if something is malicious or not. As always, proper instruction on internet safety will go farther than a security feature that any idiot can bypass.

  11. Re:Yes, We're Doing Great Work by h4rr4r · · Score: 3, Insightful

    Only for very blatant lies. Otherwise I would be suing damn near every company that ever had an advertisement.

  12. Re:Surprise by oakgrove · · Score: 2

    Without administrative access, how would "an user" (anything like "an hero"?) install an application that is useful and not malicious?

    Millions of people do it daily. The walled garden has its benefits.

    --
    The soylentnews experiment has been a dismal failure.
  13. Just a thought by destroygbiv · · Score: 2

    "IE's SmartScreen has blocked more than 1.5 billion Web and download attacks" How many of these were actually factually malicious? Perhaps that is why people are ignoring the warnings? You can block (nearly?) 100% of malware by simply being Amish

  14. Re:Surprise by h4rr4r · · Score: 2

    Just tell "make install" to put it under your $HOME.

    Installing an application does not need admin access unless you need it to be available for everyone.

  15. The proposed solution, by HeckRuler · · Score: 4, Funny

    Is to block every 14th download, thus making Windows malware free!

  16. Re:This is actually part of a bigger problem by Monchanger · · Score: 2

    Interesting point and I'd like to read that professor's work, but I don't believe online services are flourishing for security reasons, but rather that it's coincidental from the average user's perspective. The whole point of this story is that people are not aware and knowledgeable enough about technology and security, so I doubt they factor it in highly enough to use it in their decision to choose an online service.

    Security is rarely mentioned in the list of features of these services: nothing in Flickr, Picasa, or DropBox other than to discuss how files you upload can be shared selectively rather than be public. DropBox doesn't turn up anything when you query for "virus" in the help section (and even suggests disabling your anti-virus to solve a connectivity problem). Even Google Docs which has drawn much concern on data security neglects to reassure you that documents you upload are properly safeguarded, and doesn't guarantee that downloading an MS-Office version of a document is devoid of malicious code which may have been uploaded by whoever shared it with you. There's far more concern assuring you that they perform backups and that your data won't be lost. Twitter mentions security only in the context of safeguarding your account from hijacking. Facebook's "privacy" aspects are obviously not worth mentioning and where they mention it it's due to bad publicity, not a way of attracting users away from MySpace by being a safer platform. It has taken major Twitter/EC2/PSN outages for people to even realize there's a risk in relying on online services, which still isn't being discussed in these feature sets- public understanding of availability is as meager as security.

    There's certainly a risk and possibly even this hidden cost you're suggesting in using proprietary online services, but I don't see that they are being used to avoid downloading an executable file, or otherwise provide any such protection against browser-based attacks. To the contrary- all of the above popular services except for Google Docs actually encourage or even require (DropBox) users to download binaries (in the case of Facebook/Twitter mobile apps), and Facebook users are clicking random links to the same kinds of nonsense they had been getting in their email.

  17. Re:Not all apps can be installed in $HOME by h4rr4r · · Score: 2

    No, it would not require applications to be designed for this.
    Applications should not be installing themselves at all. Installation is the job of other system tools, not the application itself.

    You are correct that you would need to do that, but that is pretty much an install task anyway.

  18. Re:Only admins can write to %ProgramFiles% by amliebsch · · Score: 2

    Yes, user-mode programs should install into %LOCALAPPDATA% unless being installed for all users. Chrome, for example, does this correctly, which is why you do not need admin credentials to install it.

    --
    If you don't know where you are going, you will wind up somewhere else.
  19. Re:This is actually part of a bigger problem by istartedi · · Score: 2

    I love that analogy because those of us who resist FaceBook and deal with the marauders are knights.

    --
    For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
  20. Re:This is actually part of a bigger problem by mr1911 · · Score: 3, Insightful

    For example, email. On a personal level many of my friends and family have stopped using it and require me to communicate via Facebook. The problem for me is that I don't have a Facebook account. The problem for them is that they don't want spam.

    Huh? The vast majority of what shows up on Facebook is spam. OK, maybe not in the traditional sense given the spam is whatever inane thing someone decides to post rather than a Viagra ad. Oh, you mean the private message thing that no one seems to know how to use because they post conversations in their statuses?

    --
    This post comes with a double-your-money-back guarantee!
    Any offense taken to this post is at your sole discretion.
  21. Comment removed by account_deleted · · Score: 2

    Comment removed based on user account deletion

  22. That sounds about right. by Dcnjoe60 · · Score: 2

    The majority of downloads on our Windows computers seem to be Microsoft patches, so 1 out of 14 being malicious sounds about right.

  23. Re:Not all apps can be installed in $HOME by oakgrove · · Score: 2

    By "application", I mean everything in the .deb, .rpm, or .msi package

    Then why didn't you say that in the first place? Instead, you argued the man down by essentially saying "a package designed to be installed by root has to be installed by root". Just admit you're arguing the wrong point instead of backpedaling and you might leave with some credibility intact. He was obviously referring to software compiled from source 99 percent of which can be installed in $HOME without root powers.

    --
    The soylentnews experiment has been a dismal failure.
  24. Re:Surprise by bmo · · Score: 2

    Name an actual malicious App from the app store.

    Go ahead.

    I'll wait right here.

    These are all policy violations and nothing else.

    Please note I have no skin in this game except laughing at the Windows idiots trying to plug their ears and blind their eyes to the biggest problem in the Windows software universe - that of untrusted repositories.

    Your post screams so much denial it's funny.

    1 in 14. Not my statistic, Microsoft's. Almost 6 billion malware definitions.

    Remove the fucking tree from your eye before pointing out the speck of lint in Apple's or Linux's. Only the most rabid and stupid softie would ignore these statistics and say "hurr everyone else is just as bad off." No, we're not as bad off as you. And we're laughing at you. Laughing as you try to spin this. And the more you spin, the more we laugh at the little retard.

    --
    BMO

  25. Please allow me to rephrase by tepples · · Score: 2

    Just admit you're arguing the wrong point

    I hereby apologize for having argued the wrong point. Please allow me to rephrase: Almost all existing packages are designed to be installed by root.

  26. translation by erdraug · · Score: 2

    erdraug: One in 14 computer users is computer illiterate.

  27. Stat is flawed since their system is broken by Ilgaz · · Score: 2

    Here is a test for you if you have bandwidth and can stop laughing after a logical period. Obviously it is a FIRMWARE UPDATER, don't actually run it!

    Help doc (from a company who is very close to MS and others)
    http://seagate.custkb.com/seagate/crm/selfservice/search.jsp?DocId=215451

    Exe file (as I said, just don't run it!)
    http://www.seagate.com/staticfiles/support/downloads/firmware/MomentusXT-ALL-SD25.exe

    Idiots didn't even create a mechanism to alert false positive so we, "dumb users!" ignored the warning after doing a Kaspersky and VirusTotal scan and ran it.