Windows 8 Defeats 85% of Malware Detected In the Past 6 Months
An anonymous reader writes "Now that Windows 8 is on sale and has already been purchased by millions, expect very close scrutiny of Microsoft's latest and greatest security features. 0-day vulnerabilities are already being claimed, but what about the malware that's already out there? When tested against the top threats, Windows 8 is immune to 85 percent of them, and gets infected by 15 percent, according to tests run by BitDefender."
Did any of the malware get past whatever new copy of Windows Security Essentials they cooked up especially for Win 8?
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
Have they tried Linux?
... to those other similarly received OSs, Windows ME and Vista?
RGdot.com
Only 61 malware threats managed to infect Windows 7's successor, or about 15.84 percent.
With Windows Defender disabled, 234 of the samples ran successfully (60.78 percent), 138 samples could not be started on the machine for various reasons (35.84 percent), six threats executed but then crashed (1.56 percent), and seven others launched but had their payload blocked by UAC (1.82 percent).
61/234 ... So ... "Windows defender misses 26% of current widespread malware"
The reason being it is an AV maker releasing it. They have reason to want to say "Oh the built in AV scanner sucks, you should buy ours!" They may be stacking the results.
AV Comparatives puts MS Security Essentials at about 95% in their latest test, not 85%. Bitdefender is 99.2%.
However one reason for that is false positive rate. MS is willing to trade off some detection to keep it low, because users get pissed off and want to get rid of scanners with lots of false positives. MSE had 0 false positives, BitDefender had 10.
None of this is to say getting a better virus scanner isn't a good idea, just take anything from a company selling a product in an area with a grain of salt. AV Comparatives seems to indicate that while MSE is certainly not one of the best virus scanners, it isn't bad.
Pretty sweet.
it gets up to 99.99% I'll get excited.
Since Windows 8 repurposed Microsoft Security Essentials as its new Windows Defender, which is built-in to the operating system, would these statistics hold true for Security Essentials on all systems, or are they unique to Windows 8?
Or is BitDefender just trying to stir up some business?
Why, not a single malware application can be installed on a banana! They too are immune.
Therefore bananas are now the most secure OS
Reacting is always easy, that's why malware is so efficient. There are AV kits out there that detect 98+ percent of the current malware. Problem is not the malware we know about already, the problem is new malware that infects before patches can be applied and AV signatures can be updated.
OF COURSE a new system is more resilient against current malware. By the very nature that a lot of exploits simply don't work anymore because, well, different codebase, different handling of various things malware relies on. By that logic, MacOS is even superior to Win8 because zero malware for Win7 can infect MacOS.
The more interesting question is why 15% (one in seven) malware threats still work on Win8.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
How much of Linux malware got by the popular new linux distributions?
And how in the hell are these malware circumventing Windows anyway? Flash? Someone educate me please.
Run those same tests/malware against Linux/Mac. 0% gets through.
really? do you think that malware written to take advantage of exploits in the windows OS won't work on linux? thanks for that revelation. linux wins again.
Soooo the new operating system, which was just released and hasn't yet been targeted by malware writers doesn't get infected by a lot of malware? Of course it doesn't. Windows 8 has around 1% or less of the market, almost no one is writing exploits for it yet.
Run those same tests/malware against Linux/Mac. 0% gets through.
Oh, you so smart! OF COURSE malware designed for Windows won't run on non-Windows! That's like copying bash from your Linux-installation to your Windows-installation and complaining how F/OSS software sucks because it doesn't run.
The malware will work if you run Wine.
Really? You mean they aren't testing any cross platform threats? They should be, as there are a number of such (usually java, but often Adobe as well) that can affect all three platforms.
How does an updated version of Windows 7 with Microsoft Security Essentials compare? That information might make this article meaningful.
Run those same tests/malware against Linux/Mac. 0% gets through.
really? do you think that malware written to take advantage of exploits in the windows OS won't work on linux? thanks for that revelation. linux wins again.
You never know, perhaps if WINE is running, a Linux host could be at risk... (Not that I know of any viruses that could infect a Linux computer running WINE, except for one case where user intervention is required, but there is a first time for everything.)
Any insufficiently advanced magic is indistinguishable from technology.
Seems about 15% short of the mark
The difference between Canada and the USA is that in Canada healthcare is a right and gun ownership is a privilege.
That's interesting, the original security press release is quite negative - "Newly launched Window 8 is prone to infection by some 15 per cent of the 100 malware families most used by cyber criminals this year, even with Windows Defender activated, Bitdefender testing revealed." but somehow that's become a positive "Windows 8 protected from 85% of malware detected in the past six months, right out the box"
The original point is that Windows Defender can't detect 15% of this year's most popular malware, that's not exactly great for an AV program, or maybe Bitdefender has just written a shill piece with a hand picked sample of unusual malware that trip most AV programs up to flog their own AV solutions?
At any rate the figures are useless because they didn't compare it to a fully patched Windows 7 system or alternative AV programs, why did this even make the homepage?
Bitdefender sells security products. Can we get a number from somebody a little less biased, or perhaps somebody biased against Microsoft? How about a consulting firm with a good reputation that prefers Linux, but grudgingly supports MS because they have to? Anyway, Bitdefender has an incentive for you to think Win8 is insecure. How are they defining malware? Stuff that says, "to install, please enter admin password"? If 15% of the "malware" comes with those instructions, it'll infect anything.
The malware will work if you run Wine.
I actually have tried that. A lot of the malware that runs fine on Windows crashed or just didn't work properly under Wine. Does that mean Wine is broken, or that the devs haven't broken it enough yet? I can't decide!
so what do the numbers mean? that there are a bunch of 0-days out there that they know but haven't bothered to report or fix in the last 6 months? so the stuff silently installs and does naughty things while you surf your daily dose of naked chicks? or if you download the exe, run it as admin and see what happens, then 15% of the time it works?
I copied bash to my Win8 boxen, ran
# rm -rf /
and now Win8 doesn't boot.
Thanks for the perfect solution.
cheers,
I keep wondering. Software keeps getting better because computers get faster and labor gets cheaper. If you throw enough resources at it it gets done. But most of us entry level techs make our daily bread fixin' up this stuff. It's another symptom of increased productivity. Things get better and better so there's less work to do. But if there's less work there's less jobs, and our whole society is built on Jobs. People can't stand the thought of someone getting paid and not working for it. Jesus, what would we do with replicators?
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
So Windows 8 is only 15% compatible with Windows 7? :P
Seriously, even being infected with 15% is horrible.. I have been using linux for many years without a single issue. I'm sure this comment will get flagged as trollbait, but I really do not understand how that is a positive result.
Rephrase the headline - Windows 8 allows 15% of previously-known malware to infect systems.
This space available.
I must nominate flash. Java next. Avoid those and you have a better chance. Add common sense and your odds are improved. Toss in firefox with noscript, and adblock, and you should be in good shape. At that point, it will not really matter if you get rooted, you should be able to re-install/recover your non-NONFREE OS quickly. Basically you really only need to worry about DPI and BIOS/UEFI based rootkits/backdoors. If you are still concerned, then pull the plug and get off the net.
You are being MICROattacked, from various angles, in a SOFT manner.
Linux contributes bash and windows contributes malware. Good to know.
Windows 8 already has natively everything malware does. It tracks you, it tries to sell you crap and it makes the actual usage of the machine for work impossible. What could malware possibly do that Microsoft hasn't already done ?
But they don't affect all platforms equally. Privilege escalation is a very different ballgame on a linux box than on a windows box.
If current malware won't even run on windows 8, are my regular applications going to fare even better?
I haven't read TFA, or the summary, but the headline tells me that Windows 8 has some _serious_ compatibility problems!
"The world has moved to iMobile devices which are mostly locked down."
If you think mobile devices are safely locked down you live in a dream world.
Ok that's pretty good for a brand new state of the art operating system. Remind me again what the fucking definition of progress is?
These horrible pieces of spy/mal/adware that install from CNet need to be detected. I have not found a program that does so.
Windows 8 now ranks in the same odds as having "Safe Sex" with an HIV positive individual. Thanks Microsoft.
Some malware intentionally exits under Wine and other virtualized environments in order to evade detection. Security companies collect large numbers of executable samples and execute them in a sandbox environment, which is sometimes Wine-like or a more complete VM. By exiting harmlessly, the malware appears to be as safe as notepad.exe.
I'm wholeheartedly unimpressed.
Oh and, "purchased by millions"? Like OEMs have a choice?
It's amazing that some people insist that we can't do something which we do all the time. Look at the CVEs man, we find and fix weaknesses all the time. If you did look at the CVEs, you'd find my name. That's pretty solid proof that you're mistaken - I can find vulnerabilities because I do find vulnerabilities. When it comes to Windows, I don't know Windows. I haven't used Windows in fifteen years. When people ask me to work on their computer, I turn away all Windows work except "I forgot my password." I can't USE Windows, but I can sure CRACK Windows.
Sorry, that sounded silly back in 1996 and it's fucking stupid now. Your TV probably runs linux and connects to the internet these days, most likely via a linux wifi access point or router. The "market share" is enormous.
In the last couple versions of Windows, MS has been trying to implement something like the old (pre SELinux) *nix security model. This after having removed it. Why? Because they had removed the security, for good reason, and the *nix model is a good one. In the old days, there were network operating systems. Many users had terminals to one computer, which protected one user's work from other users' mistakes or malice. It was designed for security and it was Unix. It was also huge and EXPENSIVE. One day a guy wanted an OS to fit on a 512k floppy disk and run with 128k RAM so people could afford computers at home. Single home computers, not corporate networks. To make Disk Operating System fit on a floppy, he removed stuff DOS didn't need, like security. (No network meant few threats.) A GUI was added. Backwards compatibility was maintained with the "no security needed" DOS. Then the internet happened, and Bill crapped his pants. Since then, MS has been trying to design security back in, while maintaining backward compatibility. DOS programs still run on Vista, without running into problems with new security added since Disk Operating System. Linux has always been a network OS, never a disk OS, and has therefore never removed the security model.
Somebody writes as if it's ok to be vulnerable to 15% of the malware on the internet. That's roughly the same as being vulnerable to 100%. Let me try to get this straight... 15% is the new 0%?
When all you have is a hammer, every problem starts to look like a thumb.
New OS defeats malware hardcoded for old OS...
Ironic, isn't it? Locking the system down in the name of security kept everything out except what people want kept out. What a waste of a garden wall.....it's not for security.
"First they came for the slanderers and i said nothing."
meaningless to me ... what's 7's score? how about XP sp3 not run by a retard and or parent? or even... that's not impressive compared to linux invulnerability to malware.
how about this, you have a 15% chance of being a victim of a crime ...
Have you tried opening a big file in notepad? It is not all that safe.
...
I had some guy that downloaded something that pretended to be a dodgy PDF encryption cracking tool but was really a virus, and he infected Win4lin with it. Hilarious, the thing tried to fuck with bits of the system that did not exist. It took seconds to fix since all I had to do was rename an older Win4lin image on that PC. I think that was in 2004. I've seen nothing like that since.
That's great. Looks like its security is more active than Windows 7.
Much better, MS, but you will be hard pressed to find a UNIX derivative being able to run 15% of malware out there. Much better, and a definite improvement, but nothing compared to true security. I wonder how this could be spun into something positive, unless you are comparing it to previous versions of MS only.
Uh, isn't the actual news the other way around?
The most current version of the OS still is vulnerable to 15% of known threats? That's a pretty damning track record if you ask me.
It means that a billion dollar corporation that put security high on its agenda for several years now still can't create something that is secure against well-known attacks, and can't keep up with patches and let's not even talk about pro-active security.
True, there is no such thing as 100% security. Even OpenBSD has had its 0-days. But we're not talking about 0-days here, we are talking about known threats that have been out there for months.
Assorted stuff I do sometimes: Lemuria.org
Windows 8 is not "immune" to 85% of malware any more than Linux is... The malware was simply never written for windows 8 and is subsequently incompatible with it. Once malware is specifically written to target windows 8 the situation will change.
Windows 7 also suffered very low malware infection rates when it was first released, it just took a little while for new malware to be written and for it to propagate.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
Win 8 + BitDefender still being infected by 15% of malware is HORRIBLE.
Seems more realistic.
The problem with most of the security lockout proposals is a question of WHO HOLDS THE KEYS. With Android, most devices are rootable, meaning consumers have the keys. That is not the case for most lock-down systems: it is about user control almost more than security.
86% of malware not yet compatible with brand new version of popular operating system, just released. Film at 11.
More like "ease of use" requires that the computer do stuff for you far more than "solid computer system" does and one of the things computers can do for you is run a virus for you without telling you about it.
The other thing about Linux being open is that you get to see every vulnerability, whereas Windows can have vulnerabilities patched out without you knowing they existed (but the virus used it). It makes the count skewed. You can see 100% of one, and a smaller fraction of the other.
Micro$haft sucks!
Windows 8 Incompatible with 85% of the Most Widely Installed Software
http://alternatives.rzero.com/
This is a lot like saying "This is great news! We only need to remove 15% of your penis! You should be grateful."
"I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
Your assertion "don't work anymore because, well, different codebase, different" is at fault. It probably is largely the same cruft they have since 1995 in many, many core parts. That's why viruses are often "compatible."
..M$'s marketing message ??? Everybody with a clue knew this was the good-old hairball in a fancy new dress. Take off the dress and find the same old lice in the hairballs.
So MS still has the most vulnerable system (which might be caused by market success).
Some may still have to use the half baked solutions (like Sophos) which might bring more security problems than they actually solve.
And all the others will have to slow their system with on access scanners, because MS could not come up with a working solution (i.e. sandboxed applications)
Saying "smart user" means that such a user never makes a mistake or clicks the slight off or any number of accidental things that happen in Windows.
No the best thing to do is engineer a solution where bolting on software to monitor the user is the cheapest way to do it and it is inadequate because it never solves the fundamental problem: Malware software are doing things no software probably shouldn't be allowed to do. Forget about detection where instead the focus should be on why those features and hooks into the OS exist at all.
Unfortunately, windows 8 also defeats 85% of users who attempt to use it to actually do something useful (as opposed to just oohing and aahing over the pretty tiles)
It's 85% secure.... but you're still running windows 8. So there's that.
Still a huge downside... unless it was so secure it kept you from running windows 8 at all.
House for sale. 85% of the roof doesn't leak.
Boat for sale. 85% of the hull has no holes in it.
Car for sale. Brakes work 85% of the time.
Most malicious programs simply do obnoxious but otherwise benign things. It is not possible to preemptively stop malware from doing something if an otherwise legitimate program would be allowed to do the same. Legitimacy is subjective.
There is a large difference between a malicious program that tries to overwrite the boot record or patch the kernel, and a malicious program which sends out HTTP requests. The former is easy to detect because as you said, it takes actions which no program, legitimate or otherwise, is allowed to do on a stock installation of Windows. The latter is otherwise indistinguishable from a web browser and can only be detected by comparing its behavior to that of a known malicious program, requiring developers to play a constant game of catchup.
This was a problem with Windows XP, the system and user were not properly segregated. Thus, it was common for malware to inject itself into system folders and without a proper antivirus it was almost impossible to detect it. When UAC debuted with Windows Vista many of these attack vectors were supposed to disappear and they did. Unfortunately, it took developers about 5 years to get out of the Windows XP development style and to stop mixing application data and user data. Once a program is installed, there should be little to no reason to put user data in the same location, that's what home folders are for. Users simply clicked "yes" to UAC every time it popped up, or disabled it completely. As much as I wish it were possible to do so, it is not possible to patch stupid.
The exact same security vulnerabilities exist in Linux. Any malicious script or program will have unfettered access to the entire system if the user can be convinced to put 'sudo' in front of it. Any Linux admin knows better than to install something that they don't trust; the same cannot be said for Windows users, who often install pirated software and the malware that comes with it.
Gee. You just fired 100 bullets at me, and only hit me with 15 of them... give my regards to Broadway! ... thud.
The Morris worm worked because it was new, no-one was expecting it or even considered the existence of anything like it. Now it's obvious but back then it was about as expected as an alien invasion.
Unix closed the obvious security holes very easily but Windows never could close its security holes because you can't retrospectively change bad design decisions without breaking most of your backward compatibility.
Purchased by who? Vendors of new PCs and residents of asylums around the world? No one cares! Maybe, just maybe, more machines will be running Windows 7 than Windows XP shortly. Since no one is running it, no one is looking for vulnerabilities, ergo no malware.
The world has moved to iMobile devices which are mostly locked down.
Funny.. You are joking I hope..
In other words Windows 8 is vulnerable by design, otherwise they would have fixed the known vulnerabilities before releasing a new product.
I am not sure which one is worse.
I know, eh!
I don't get the Windows Eight Hate. I've heard nothing concrete about why it's supposedly so terrible. Does it have lots of driver problems? Is it slow and bloaty? Does it crap out on legacy hardware? Does it have huge security holes? (Which don't require the user to click, "Yes! Please install this malware I downloaded from my favorite porn site!")
I've heard nothing negative on any of those fronts, with the possible exception of walled garden type issues sprouting up, but again, nothing concrete on that either.
So really, I think it might actually boil down to simple aesthetics and some kind of ephemeral popularity contest of the "Luke is a whiner!" type crap, where people don't actually have a problem with anything real but simply want to fit into the crowd by re-tweeting whatever memetic bullshit happens to be flying around the coop that day.
And as I understand it, with a click or two, you can make the Win 8 touch interface go away and get into an old-style windows explorer. So what's the big deal?
I know that people can be shallow and ignorant, but every now and again I find myself sincerely baffled by the herd. Are people really, honestly that brain damaged? Is everybody truly operating at a grade 5 emotional level?
Looks that way some days.
Or maybe I'm wrong, and Windows 8 really does suck. Guess I'll find out some day when I get a new computer.
Linux is immune to over 95% of users!
The rest of us have a terminal fascination.
Those who advocate genocide deserve every protection afforded by law, and none afforded by common human decency.
Sudo is not always equivalent to root, and SELinux can still put constraints on it anyway. Ubuntu and derivatives disable the root account by default; your more "appliance-like" distros (e.g. Meebo) will lock down things even further. It's relatively simple to configure what sudo will or will not do -- as a system administrator. It's not exactly grandma-friendly, though: sensible defaults are key.
I don't know about other people's use-cases. I need root on a wide variety of commands; restricting sudo on my (Debian) desktop would be more trouble than it is worth. Security always comes at a cost of usability.
The other consideration is that Linux users are, by and large, not downloading programs and scripts off the internet: Most programs are acquired through cryptographically signed repositories. IIRC, there have been a small number of cases where malware has been injected into an official repo, but to a first order approximation it doesn't happen. Win8 would have had a similarly good system with their App store, but they have API restrictions (Metro) which may not go over very well.
The rest of your points notwithstanding. Way too many Windows users are still stuck on XP, and a significant percentage of the rest disable UAC.
It's worth noting that security problems are more of an issue in single-user environments. A competent sysadmin is somewhat of a rarity, but if the NSA's documentation is anything to go by, the level of security achievable with Linux and Windows is pretty comparable -- in the same ballpark anyway. Now if you'll excuse me, I have to go flagellate myself for having said that. ;)
Those who advocate genocide deserve every protection afforded by law, and none afforded by common human decency.
once they support all of my current viruses variants that will get modded to be included in that 15%. Does security really sell that much?!?! Apple has never stopped to try to make us a load of controlled idiots that believe that just because something is signed then it is more secure even when using technology from the 70's (objective ... c).
READ IN MONTY PYTHON VOICES, midstream:
JOHN CLEESE: "Protects against all security threats by which means someone wants to take over your wireless printer to print ASCII pr0n! Absolutely *NO* Word 2003 viruses get through. My life's work has been leading up to this."
ERIC IDLE: "Excuse me. I rather like the ASCII pr0n. The problem that I'm facing is that I run a facility --"
"Yes?"
"-- a facility that processes certain *material,* let us say --"
"Yes? Yes? Out with it, man!"
"-- is rather sensitive."
"How do?"
"We're making a nuclear bomb."
"Ah, well why didn't you *say* so?! We've got all kinds of help for you in that case ... "
jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5