Windows XP PCs Breed Rootkit Infections
CWmike writes "Machines running the decade-old Windows XP make up a huge reservoir of infected PCs that can spread malware to other systems, a Czech antivirus company said. Windows XP computers are infected with rootkits out of proportion to the operating system's market share, according to data released Thursday by Avast Software, which surveyed more than 600,000 Windows PCs. While XP now accounts for about 58% of all Windows systems in use, 74% of the rootkit infections found by Avast were on XP machines. Avast attributed the infection disparity between XP and Windows 7 to a pair of factors: The widespread use of pirated copies of the former and the latter's better security. Vlcek assumed that many of the people running XP SP2, which Microsoft stopped supporting with security patches a year ago, have declined to update to the still-supported SP3 because they are running counterfeits."
xp sp3 cracks easily with tools made for sp2. i use windows update and everything. upgrade, people!
Is this really a surprise?
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
Unfortunately the effect is that it impacts others, these are the machines which get used as zombies for spamming, ddos attacks etc.
so rootkit authors can focus on Windows 7
What BS! I am still running SP2 (in a Linux VM) because SP3 is a POK.... and it breaks too many of my necessary applications!
Just so it's clear to everyone, you don't need a "genuine" version of Windows to download and install critical updates. And honestly, SP3 is over 3 years old. It's hard to hold Microsoft or even Windows XP accountable for users refusing to upgrade.
people need to upgrade so that they can experience the joys of losing all their work when Microsoft decides it is time for your system to receive a security patch while you are busy with something else.
Standardising on a non-free operating system thus encouraging people to download rootkitted warez.
Most people worldwide genuinely can't pay $250+ for an operating system.
Well better plan for windows 7 to go long term as the NEW GUI in windows 8 makes it vista / ME 2. And seeing how good windows 7 is, big business may just stick to it for a long time like they did with windows XP.
I find the term "counterfeit" in regard to software misleading or at least odd. I could see using it if it was marketed as legitimate, but the term makes no sense otherwise. Most people know their copy is not legit.
The other day, I was looking at yet another hyperbolic report from Symantec that 60,000 new malware variants are released per day. Among the many reasons I find this claim dubious is that it's pretty damned obvious that most malware infections are on old Windows XP installations, which is significantly less secure than newer versions of Windows, especially if they're not being updated regularly. And in those circumstances, why would anyone be wasting time and effort writing new malware, when old malware can already move in and claim the PC as part of a botnet?
I bet someone will come up with a utility that restores the GUI back to sanity.
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
Here's a few premises:
1. The probability of getting an infection increases with time.
2. The average person probably does not format their system and give a clean install until the system becomes nearly unusable (it would cost them money and time).
3. Windows XP has been in use for a long time.
Given these, I would figure that another reason why there would be so many infected PCs with XP out there is that the XP installations have been in use for a lot longer than any of the newer OS installations. I would go as far as to guess that most people today would rather buy a new PC than get a professional to reinstall XP, meaning that these systems currently running XP would have been installed quite a number of years ago.
Just a thought...
The "Metro" interface that people are talking about is not the default GUI anyway. That is the GUI intended specifically for tablets and even then it is entirely optional. People who actually watched any of the published videos would have seen the user jumping back to a stock Windows 7 explorer desktop in the middle of the demo and running normal applications.
Metro is more like Windows Media Center, a secondary UI intended for a specific environment. That said, I do hope that MS considers better integration with Metro and Explorer with tablet installations of the OS as I can see elements of Metro working better in that form factor. On a desktop or laptop it would be absolutely horrid, though, and I doubt most people would ever see it.
A lot of people use xp sp2 because sp3 doesn't bring much to the table, despite causing numerous issues with the computer (granted, most of them are fixed) and a lot of programs out there.
in addition, sp2 has a reputation in gaming circles to be the most bloat-free windows version to be used in gaming. and you will find that xp pro sp2 is still highly ranked in downloads in warez sites. (pro has message queueing, which is used to reduce latency in online games by gamers) moreover, there are special modified or slipstreamed xp sp2 versions in such sites - stripped of even more bloat, and reduced to core components needed for gaming.
a lot of people who run windows 7, download these xp sp2 versions just to use them with games apparently, judging from the posts in the discussions under those files.
so go figure.
> losing all their work when Microsoft decides it is time for your system to receive a security patch
Complain to your application's maintainer. Windows notifies applications before the system is about to restart for updates. Applications that don't save the user's work are defective.
at least that is what it seems like after you install it.
my pc slowed to a crawl after i installed that patch
It always bugs me to hear people use "counterfeit" when talking about illegally copied or distributed software. Do people not understand what these words mean? Apparently not, since we're still talking about "piracy" in a non-piracy sense.
If someone in China were to dress up Linux to look like Windows and sell it as if it were MS Windows, that'd be counterfeit. But so-called "pirated" Windows XP installations are not counterfeit, obviously. I guess it's all about manipulating public thought. Is your copy of windows "genuine?" The thought is quite silly if you think about it. Of course it is genuine. It's windows isn't it? Legal copy? That's the real question. Genuine advantage indeed.
The only "problem" with that version is that it's for system builders.
In fact, it might even be copyright infringement to buy and install that version on your own computer. Microsoft says OEM software is for computers you plan to sell at arm's length, not for computers you plan to use.
on IQ of various browser users. It was shown that MSIE users rate well below 100, which to non-Windows users, was already well known and understood. Of course XP is rooted. Has been all along in spite of what MS and their idiot users claim. I see it on my logs. I see it every time somebody asks for help on their windows boxes. Personally, I think that window losers should be able to claim insanity and stupidity on such crimes as copyright theft.
For most of the people out there running XP (not all) your machine is an antique. I don't care if it's "only 5 years old" it's ancient. The idea of people complaining about the cost of an OS upgrade is ludicrous. Shop around, you will probably find a machine that is miles faster than your current computer for less than $400. And if you can't afford that, maybe you shouldn't be sitting around using a computer.
"Have you tried unplugging it, and plugging it back in?"
> Windows XP computers are infected with rootkits out of proportion to the operating system's market share
This statement fails to consider the time the OSes have been in use:
XP 11 years - since 2001
W7 2 years - since 2009
So, with 2 years W7 gathered 12 % of infections having 31 % market share, that's 6 % infections/year
and 11 years of XP gathered 74 % of infections having 58 % market share, that's 6.7 % infections/year
Since market share started from 0, let's assume linear increase of market share since release and use W7 with 16.5 % and XP with 37 % average market share over time.
W7 gets 6 % infections/year with 16.5 % market share and XP 6.7 % infections/year with 37 % market share.
Which gives factors for W7 0.37 and XP 0.18 infections/year/market share.
W7 more secure? Fat chance!
The memory-demands for SP3 have increased a lot - Where SP2 runs well with 512MB, you need at least 800MB for SP3 to run basic software like IE and Office smoothly. Though this is not official, I have seen too many cases with unresponsive PCs after the upgrade. A good reason to revert back to SP2 if people don't know how or dare to upgrade hardware nor want to spend another €300,- to €500,- on a new computer.
The machines have been online longer, so they had more time to be infected. They will be less likely to have users who are tech savvy and want to run the latest. As they are less tech savvy, they will know less on how to protect themselves.
Don't fight for your country, if your country does not fight for you.
to force the upgrade of MicroScam softwarez.
Most of the XP installations are probably OEM, and people never upgrade them because they're typical Windows users, they're afraid of "breaking something" or they don't have admin rights because they lost the password or got the computer from someone else. The fact that you have to reinstall everything from scratch and might lose your software licenses keeps many people (including myself) from installing Windows 7. Rootkits on XP might be overrepresented simply because XP systems have been running for a longer time, and if the user can't patch them for lack of admin rights they have a bigger chance of getting infected over time.
The notion that you can't easily get cracked XP-SP3 or 7 is bullshit btw.
If all PCs were fixed so they didn't catch or pass on viruses what would all the "security" companies do for a living? Maybe instead of spreading FUD they should just step up a gear. Since this survey has identified a nice big market (i.e. out of support/illegal and therefore un-upgradable O/S's) why don't they stop bleating and start creating products to satisfy this demand?
politicians are like babies' nappies: they should both be changed regularly and for the same reasons
There are plenty of legal copies. That has zilch to do with them getting rooted. Most PC users know nothing about security. Not "very little", but "nothing". That will never change.
"This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
The claims above are likely more due to the length of time of the install than anything to do with the OS itself. I've had my current install of windows for like four years. Nobody with Windows 7 can say that about their OS. And a lot of times spyware ridden machines just stay that way. I demand they look at the data from "time since install" and tell me that that isn't just directly correlated and explains away most of the XP dataset.
It is no longer uncommon to be uncommon.
I was running SP2 until a couple months ago because Windows Update failed to update me to SP3. It turns out that if you had upgraded Internet Explorer to some version under SP2 (IE8?), it would not upgrade to SP3 because doing so would break the downgrade process (you could upgrade to SP3 flawlessly, but if you tried to downgrade back to SP2 it would break) unless you first downgraded IE before upgrading to SP3. Therefore, SP3 would not be listed in Windows Update, and it would not tell you that it was hiding the upgrade, or why. Utterly idiotic. I assume a lot of people are still running SP2 not because they're using an unlicensed version, but precisely because, like me, they have a legit installation, but just don't know SP3 was out and being hidden from them, with Windows Update cheerfully telling them every week that their system is perfectly up to date.
"Convictions are more dangerous enemies of truth than lies."
... so in spite of the (supposed) improved security of Win7 and the (in comparison) short time it has been around, a quarter of all infections are on Win7? ...
While it is understandable that the decade old OS is easier to attack, this is definitely no good track record for Win7
Microsoft changed the license years ago so buyers of brand new PCs really don't have any choice, if they want to reinstall their machines, other than taking them back to the shop (and spend $$$) or install a pirated version.
echo '[q]sa[ln0=aln80~Psnlbx]16isb572CCB9AE9DB03273snlbxq' |dc
So everyone go out right now and pay the $139 for Windows Home Premium. I'll wait...
(This should cause a measurable bump in the economy. Any moment now...)
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
How many times have you seen the claim that "if Linux had the same marketshare as Windows ..."?
Check the old /. threads. Marketshare was identified as the deciding factor in what "mal-ware" was written.
Now this seems to contradict those claims.
This is clearly a misuse of statistics for the purpose of piracy propaganda. As others have pointed out, XP has simply been around much longer. It hasn't been long since it was the standard OS on new machines. It was also the last of the OS's to be included as physical media with a new PC (most new PC's just have a restore partition these days, last I checked). Oh, and in my experience XP runs better on low-resource virtualization setups than Windows 7... ESPECIALLY if you avoid SP3! Come on gang, let's not play into this loaded debate.
"It seems that when people become desperate they consult the gods, and when the gods become desperate they tell lies." -
Could there be some confirmation bias that is clouding the true meaning of the collected stats?
It may not just be that the remaining XP users are less careful/knowledgeable/whatever on average so aren't fully patched with service packs and so forth either by choice or ignorance. A lot of those XP installs have been around a long time, so have had a much longer period (compared to the average Windows 7 or Vista install) in which they could have been exposed to malware.
Many of the installs not properly patched up with security updates could be a symptom of this, rather than a cause, as there are plenty of examples of malware that block some or all updates from being installed (either accidentally due to the damage they do while hacking their way in, or deliberately as a self preservation measure).
> The widespread use of pirated copies of the former and the latter's better security.
I attribute it mainly to the fact that Windows 7 by default at least includes a basic AV software (Windows Defender) whereas Windows XP has none.
And don't mention UAC, please - most people either ignore it and answer YES to all its alerts or disable it altogether right after the installation.
And no, "pirated" versions of Windows XP (most of them are just a VLK version with a valid serial key included) have nothing to do with Windows XP security or lack of it.
I think we should hang a trillion rootable XP virtual machines on the web. The virus will be so busy infecting all these decoys that it won't be able to find the real machines. We can constantly reset these virtual machines back to clean so they won't be propagating the infection, just chewing up the time of the computers sending out the viruses.
problem solved :-)
Some drink at the fountain of knowledge. Others just gargle.
Guess you should read the article.
"XP's share of the infection pie was much larger than Windows 7's, which accounted for only 12% of the malware-plagued machines -- even though the 2009 OS now powers 31% of all Windows PCs."
There are more versions of Win than XP and 7.
We'll have to look at Win7 once it's been in the wild as long as XP.
MS knew exactly what it was doing, and still continues to do, concerning lack of media. The only good thing about Windows 7 is that other than the Home, Premium, Pro versions, there aren't any special Dell/HP-only editions. A valid key should work with the right version.
If your mainframe program assumes that any loss of connection is a command to discard your work, then your mainframe program is defective. Does the operating system have a counterpart to GNU Screen that allows resuming a session?
Why was this modded down? It makes sense.
%APPDATA%\myapp? And now you have to check on startup to see if anything was saved there and let the user know about it
This is exactly the behavior that I expect, and exactly the behavior that applications such as Firefox, Cool Edit Pro, and the like implement. In fact, I seem to remember reading that Microsoft recommends that an application register itself to run once at next login if there happen to be unsaved changes that the user hasn't chosen to save or discard. From Microsoft's guidelines for applications to interact with Restart Manager:
Yay, more logic that has to be implemented in every program.
So is how to load and save files.
I don't on this box and I'll say if you go to SP3 a ton of cool games and apps get broken and sorry I'm not paying more, and if that means I get whacked once in a while by some virii I can fix then woopity dooo da
That sucking sound isn't the economy being inflated -- it's the sound of money being 'renditioned'.
Sometimes boldness is in fashion. Sometimes only the brave will be bold.
Microsoft makes the majority of their money from OEM and business. The number of people buying boxed copies of windows is pretty small in proportion. If they would just give it away (or for a small fee) to consumers they would get a lot of good Karma AND cut down on people trying to steal it.
They can EASILY afford it.
It would be a good business decision.
My first reaction was OH GOD NO.
However, after watching several videos I think it is blown out of proportion. It is not that bad because it is not pervasive. The tiles are only the startup login screen. When you get back to your desktop from lunch you will have the weather, traffic reports, email, stock quotes, etc. Then they will go away when you select the desktop to get work done. The Windows 7 desktop is still there and required for Office and other non tiled apps (all of them). In essence you can use Windows 8 as a regular desktop or as a mobile tablet and the response and reviews from Windows 7 mobile and Mango are very high according to www.amplicate.com and others. Applets are not apps and are treated differently. The tile method may not be bad if Office works for it and you have a tiny 9 inch screen netbook and only running a few apps at a time and want to drag pictures in email and facebook applets.
I prefer this approach rather than take away functionality of gnome-shell and Unity. How is taking away the minimize button functionality making your product better?? As long as both are included I am happy and I do not think it will be like the ribbon where you can't get the menus back.
http://saveie6.com/
According to gstats Windows 7 has already taken the majority of marketshare in the US. Only 1 out of 4 are still running XP. In comparison, most of China is heavily XP based with IE 6 being their default browser with 85% running pirated versions of XP which of course is totally different than a corporate locked down XP machine running IE 8, fully patched, with anti virus software you see in developed nations.
I would say it is not XP that is the problem so much as unpatched decade old computers in 3rd world countries running outdated browsers from 10 years ago being infected. Windows XP Sp 3 with IE 8 is not too bad fully patched and it is MUCH MORE secure than Tho0rx XP Black edition Sp 1 with IE 6 with no anti virus.
http://saveie6.com/
To be fair the OS is only as old as the last patch.
"Vlcek assumed that many of the people running XP SP2, which Microsoft stopped supporting with security patches a year ago, have declined to update to the still-supported SP3 because they are running counterfeits."
I, and many others I know in a forum I frequent, won't upgrade to SP3 as it breaks USB. It's a known bug (for many years) that USB becomes significantly slower in SP3 (it's not known what hardware configurations can avoid the bug). This causes problems with data transfer speeds.
So, either Vista is an utter paragon of security, or
Vista has a (rapidly) vanishingly small market penetration.
Since it was Vista that moved me to vape my next machine's Windows (not sure what it was, Vista or 7. Who cares? Not me.) install and overwrite it with Ubuntu, I suspect the answer is the lack of market penetration.
Birds are not dinosaur descendants; birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
Windows XP is already an old OS, it stayed so long in use that the malware multiplied during these 9 years. Windows XP will remain installed on my old pc, because it is stable :)
You mean like Microsoft?
New GUI is optional...
people kill people, and people get rootkitted, plain and simple, it is not the computer at fault but the user using that computer....so windows xp has nothing to do with it....linux can just as easily be rootkitted.
I predict we'll eventually require some kind of licensing and periodic hardware/software security inspections in order to connect a machine to the internet, and somehow impede traffic from countries that don't undertake similar measures. Yes, it will be a pain, but plenty of countries impose periodic certifications on cars, and this wouldn't be that different. It will also make Stallman's head explode from pure rage, but it will kill the botnets, probably.
Install Linux and dispose of the problem before it gets hit again and all that work is wasted.
Repaired Windows is still Windows.
"This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
To "immunize" a Windows system, I effectively use the principles in "layered security" possibles!
http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE
I.E./E.G.-> I have done so since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:
http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text
& from as far back as 1997 -> http://web.archive.org/web/20020205091023/www.ntcompatible.com/article1.shtml which Neowin above picked up on & rated very highly.
That has evolved more currently, into the MOST viewed & highly rated one there is for years now since 2008 online in the 1st URL link above...
Which has well over 500,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:
---
1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))
---
Across 15-20 or so sites I posted it on back in 2008... & here is the IMPORTANT part, in some sample testimonials to the "layered security" methodology efficacy:
---
SOME QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:
http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=2
"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral
AND
"APK, thanks for such a great guide. This would, and should, be an inspiration to such security measures. Also, the pc that has "tweaks": IS STILL GOING! NO PROBLEMS!" - THRONKA, user of my guide @ XTremePcCentral
AND
http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=3
"Its 2009 - still trouble free! I was told last week by a co worker who does active directory administration, and he said I was doing overkill. I told him yes, but I just eliminated the half life in windows that you usually get. He said good point. So from 2008 till 2009. No speed decreases, its been to a lan party, moved around in a move, and it still NEVER has had the OS reinstalled besides the fact I imaged the drive over in 2008. Great stuff! My client STILL Hasn't called me back in regards to that one machine to get it locked down for the kid. I am glad it worked and I am sure her wallet is appreciated too now that it works. Speaking of which, I need to call her to see if I can get some leads. APK - I will say it again, the guide is FANTASTIC! Its made my PC experience much easier. Sandboxing was great. Getti
Yeah. Which is exactly the point. Windows XP installs are going to necessarily be older and have been around longer and perhaps have more malware built up over that time. We just have a correlation between XP and Malware. When the real correlation could be length of time OS installed to Malware and XP installed on systems much longer than Windows 7. There's a lot of things that could explain the data that don't necessarily imply one OS is better than the other or that we need to dish out a lot of cash to upgrade. It could just be that the longer you've had it, the more likely you are to have malware.
And TFA says "rootkits" and the only good way to trash some of those is to reinstall anyhow.
It is no longer uncommon to be uncommon.
The only reason Linux doesn't get as many virus & such is Security-By-Obscurity (lack of market/user share). On PC's it doesn't have the market share Windows does, which is why it's not attacked, period!
(Roughly - 94% of market is Windows, 5% MacOS X, & Linux picks up MAYBE 1% approximately)
So it's not a worthwhile target for malware makers & the efforts they expend on making malware & having spent on bogus domains to infest others with also...
That is, until it's shown that ANDROID (a Linux variant) is being INFESTED LIKE MAD that is.
E.G.-> Linux is also the favored abused target of phishers &/or spammers via its usage of MySQL & PHP coding also & has 4x the amount of unpatched security vulnerabilities that Windows Server 2008 does & near same with Windows 7!
* No, your "Linux is better" b.s. gets blown away easily in light of those 2 last FACTS!
See below in fact...
APK
P.S.=> In fact? Time to BLOW your "forums 'Illogic-Logic'" spinmaster crap to hell with MORE facts & actual logic + documented facts! Ready? Read on:
---
1st - Linux also doesn't have as high quality drivers or as many because board makers KNOW what is "running the show/market " out there, Windows - so, they cater to it immensely!
2nd - Nor does Linux have as many games, by FAR, either... (this is mostly the home market in fact!)
3rd - Not only that, but Linux, in its KERNEL ONLY mind you? Has 3.5x the unpatched security vulnerabilities Windows 7 has (which IS a complete "distro" with all of its parts, not just a kernel only)!
4th - Despite all those "Open 'SORES'" eyes (most of whom couldn't code to SAVE THEIR LIVES mind you) allegedly poring over Linux code, how come it has that many more unpatched bugs than Windows 7 has, hmmm??
Closed source is HARDER for hacker/crackers to attack as well, because you're stuck either disassembling it (especially tough with kernel level debuggers) OR fuzzing it, either is tougher than searching out problems in Linux, which you just load into a compiler & step trace its "Open 'SORES'" code with to find screwups in security... hence it still has more security bugs, AND, they are unpatched (despite all the "Open 'SORES'" eyes poring over it, lol!)
Fact, period!
5th - In fact, Linux's kernel ALONE has 3.5x the # of unpatched bugs the ENTIRE SUITE/ARRAY OF WHAT MICROSOFT GIVES YOU TO DO BUSINESS & DEVELOPMENT WITH!
Proof? Ok:
This data's ALL from a respected source (secunia.com) for known security vulnerabilities unpatched:
---
Vulnerability Report: Microsoft SQL Server 2008: (08/02/2011)
http://secunia.com/advisories/product/21744/
Unpatched 0% (0 of 1 Secunia advisories)
Vulnerability Report: Microsoft Internet Information Services (IIS) 7.x: (08/02/2011)
http://secunia.com/advisories/product/17543/
Unpatched 0% (0 of 6 Secunia advisories)
Vulnerability Report: Microsoft Exchange Server 2010: (08/02/2011)
http://secunia.com/advisories/product/28234/
Unpatched 0% (0 of 0 Secunia advisories)
Vulnerability Report: Microsoft SharePoint Server 2010: (08/02/2011)
http://secunia.com/advisories/product/29809/
Unpatched 0% (0 of 0 Secunia advisories)
Vulnerability Report: Microsoft Forefront Endpoint Protection 2010: (08/02/2011)
http://secunia.com/advisories/product/34343/
Unpatched 0% (0 of 1 Secunia advisories)
Vulnerability Report: Microsoft Office 2010: (08/02/2011)