Windows 8 Defeats 85% of Malware Detected In the Past 6 Months
An anonymous reader writes "Now that Windows 8 is on sale and has already been purchased by millions, expect very close scrutiny of Microsoft's latest and greatest security features. 0-day vulnerabilities are already being claimed, but what about the malware that's already out there? When tested against the top threats, Windows 8 is immune to 85 percent of them, and gets infected by 15 percent, according to tests run by BitDefender."
Did any of the malware get past whatever new copy of Windows Security Essentials they cooked up especially for Win 8?
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
Have they tried Linux?
... to those other similarly received OSs, Windows ME and Vista?
RGdot.com
Only 61 malware threats managed to infect Windows 7's successor, or about 15.84 percent.
With Windows Defender disabled, 234 of the samples ran successfully (60.78 percent), 138 samples could not be started on the machine for various reasons (35.84 percent), six threats executed but then crashed (1.56 percent), and seven others launched but had their payload blocked by UAC (1.82 percent).
61/234 ... So ... "Windows defender misses 26% of current widespread malware"
The reason being it is an AV maker releasing it. They have reason to want to say "Oh the built in AV scanner sucks, you should buy ours!" They may be stacking the results.
AV Comparatives puts MS Security Essentials at about 95% in their latest test, not 85%. Bitdefender is 99.2%.
However one reason for that is false positive rate. MS is willing to trade off some detection to keep it low, because users get pissed off and want to get rid of scanners with lots of false positives. MSE had 0 false positives, BitDefender had 10.
None of this is to say getting a better virus scanner isn't a good idea, just take anything from a company selling a product in an area with a grain of salt. AV Comparatives seems to indicate that while MSE is certainly not one of the best virus scanners, it isn't bad.
Pretty sweet.
it gets up to 99.99% I'll get excited.
Since Windows 8 repurposed Microsoft Security Essentials as its new Windows Defender, which is built-in to the operating system, would these statistics hold true for Security Essentials on all systems, or are they unique to Windows 8?
Or is BitDefender just trying to stir up some business?
Run those same tests/malware against Linux/Mac. 0% gets through.
I'm guessing that at least 40% of the malware that didn't get through failed simply because of shitty backwards compatibility and not a specific security advantage.
I have a rock on my front porch which is 100% secure, but it can't run any software whatsoever.
Who cares! The world has moved to iMoble devices which are mostly locked down.
Why, not a single malware application can be installed on a banana! They too are immune.
Therefore bananas are now the most secure OS
Reacting is always easy, that's why malware is so efficient. There are AV kits out there that detect 98+ percent of the current malware. Problem is not the malware we know about already, the problem is new malware that infects before patches can be applied and AV signatures can be updated.
OF COURSE a new system is more resilient against current malware. By the very nature that a lot of exploits simply don't work anymore because, well, different codebase, different handling of various things malware relies on. By that logic, MacOS is even superior to Win8 because zero malware for Win7 can infect MacOS.
The more interesting question is why 15% (one in seven) malware threats still work on Win8.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
How much of Linux malware got by the popular new linux distributions?
And how in the hell are these malware circumventing Windows anyway? Flash? Someone educate me please.
Hello,
Over on SlashBI, Slashdot's Business Intelligence channel, is an article which may be of interest: Windows 8 Security: What You Need to Know.
Regards,
Aryeh Goretsky
Dexter is a good dog.
Soooo the new operating system, which was just released and hasn't yet been targeted by malware writers doesn't get infected by a lot of malware? Of course it doesn't. Windows 8 has around 1% or less of the market, almost no one is writing exploits for it yet.
How does an updated version of Windows 7 with Microsoft Security Essentials compare? That information might make this article meaningful.
I guess. If you are into that sort of thing.
You know you have an awful UI when even the malware writers can't bear to code for it.
Quite an experience to live in fear, isn't it? That's what it is to be a slave.
Seems about 15% short of the mark
The difference between Canada and the USA is that in Canada healthcare is a right and gun ownership is a privilege.
That's interesting, the original security press release is quite negative - "Newly launched Window 8 is prone to infection by some 15 per cent of the 100 malware families most used by cyber criminals this year, even with Windows Defender activated, Bitdefender testing revealed." but somehow that's become a positive "Windows 8 protected from 85% of malware detected in the past six months, right out the box"
The original point is that Windows Defender can't detect 15% of this year's most popular malware, that's not exactly great for an AV program, or maybe Bitdefender has just written a shill piece with a hand picked sample of unusual malware that trip most AV programs up to flog their own AV solutions?
At any rate the figures are useless because they didn't compare it to a fully patched Windows 7 system or alternative AV programs, why did this even make the homepage?
Bitdefender sells security products. Can we get a number from somebody a little less biased, or perhaps somebody biased against Microsoft? How about a consulting firm with a good reputation that prefers Linux, but grudgingly supports MS because they have to? Anyway, Bitdefender has an incentive for you to think Win8 is insecure. How are they defining malware? Stuff that says, "to install, please enter admin password"? If 15% of the "malware" comes with those instructions, it'll infect anything.
so what do the numbers mean? that there are a bunch of 0-days out there that they know but haven't bothered to report or fix in the last 6 months? so the stuff silently installs and does naughty things while you surf your daily dose of naked chicks? or if you download the exe, run it as admin and see what happens, then 15% of the time it works?
I keep wondering. Software keeps getting better because computers get faster and labor gets cheaper. If you throw enough resources at it it gets done. But most of us entry level techs make our daily bread fixin' up this stuff. It's another symptom of increased productivity. Things get better and better so there's less work to do. But if there's less work there's less jobs, and our whole society is built on Jobs. People can't stand the thought of someone getting paid and not working for it. Jesus, what would we do with replicators?
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
So Windows 8 is only 15% compatible with Windows 7? :P
Seriously, even being infected with 15% is horrible.. I have been using linux for many years without a single issue. I'm sure this comment will get flagged as trollbait, but I really do not understand how that is a positive result.
Rephrase the headline - Windows 8 allows 15% of previously-known malware to infect systems.
This space available.
I must nominate flash. Java next. Avoid those and you have a better chance. Add common sense and your odds are improved. Toss in firefox with noscript, and adblock, and you should be in good shape. At that point, it will not really matter if you get rooted, you should be able to re-install/recover your non-NONFREE OS quickly. Basically you really only need to worry about DPI and BIOS/UEFI based rootkits/backdoors. If you are still concerned, then pull the plug and get off the net.
You are being MICROattacked, from various angles, in a SOFT manner.
Windows 8 already has natively everything malware does. It tracks you, it tries to sell you crap and it makes the actual usage of the machine for work impossible. What could malware possibly do that Microsoft hasn't already done?
If current malware won't even run on windows 8, are my regular applications going to fare even better?
I haven't read TFA, or the summary, but the headline tells me that Windows 8 has some _serious_ compatibility problems!
"The world has moved to iMoble devices which are mostly locked down."
If you think mobile devices are safely locked down you live in a dream world.
Ok that's pretty good for a brand new state of the art operating system. Remind me again what the fucking definition of progress is?
These horrible pieces of spy/mal/adware that install from CNet need to be detected. I have not found a program that does so.
Windows 8 now ranks in the same odds as having "Safe Sex" with an HIV positive individual. Thanks Microsoft.
BURRRRRRRN! INCINERATION!
You are the insult master!
I'm wholeheartedly unimpressed.
Oh and, "purchased by millions"? Like OEMs have a choice?
It's amazing that some people insist that we can't do something which we do all the time. Look at the CVEs man, we find and fix weaknesses all the time. If you did look at the CVEs, you'd find my name. That's pretty solid proof that you're mistaken - I can find vulnerabilities because I do find vulnerabilities. When it comes to Windows, I don't know Windows. I haven't used Windows in fifteen years. When people ask me to work on their computer, I turn away all Windows work except "I forgot my password." I can't USE Windows, but I can sure CRACK Windows.
Sorry, that sounded silly back in 1996 and it's fucking stupid now. Your TV probably runs linux and connects to the internet these days, most likely via a linux wifi access point or router. The "market share" is enormous.
In the last couple versions of Windows, MS has been trying to implement something like the old (pre SELinux) *nix security model. This after having removed it. Why? Because they had removed the security, for good reason, and the *nix model is a good one. In the old days, there were network operating systems. Many users had terminals to one computer, which protected one user's work from other users' mistakes or malice. It was designed for security and it was Unix. It was also huge and EXPENSIVE. One day a guy wanted an OS to fit on a 512k floppy disk and run with 128k RAM so people could afford computers at home. Single home computers, not corporate networks. To make Disk Operating System fit on a floppy, he removed stuff DOS didn't need, like security. (No network meant few threats.) A GUI was added. Backwards compatibility was maintained with the "no security needed" DOS. Then the internet happened, and Bill crapped his pants. Since then, MS has been trying to design security back in, while maintaining backward compatibility. DOS programs still run on Vista, without running into problems with new security added since Disk Operating System. Linux has always been a network OS, never a disk OS, and has therefore never removed the security model.
Somebody writes as if it's ok to be vulnerable to 15% of the malware on the internet. That's roughly the same as being vulnerable to 100%. Let me try to get this straight... 15% is the new 0%?
When all you have is a hammer, every problem starts to look like a thumb.
New OS defeats malware hardcoded for old OS...
Ironic, isn't it? Locking the system down in the name of security kept everything out except what people want kept out. What a waste of a garden wall.....it's not for security.
"First they came for the slanderers and i said nothing."
meaningless to me ... what's 7's score? how about XP sp3 not ran by a retard and or parent? or even... that's not impressive compared to linux invulnerability to malware.
how about this, you have a 15% chance of being a victim of a crime ...
That's great. Looks like its security is more active than Windows 7.
Much better, MS, but you will be hard pressed to find a UNIX derivative being able to run 15% of malware out there. Much better, and a definite improvement, but nothing compared to true security. I wonder how this could be spun into something positive, unless you are comparing it to previous versions of MS only.
Uh, isn't the actual news the other way around?
The most current version of the OS still is vulnerable to 15% of known threats? That's a pretty damning track record if you ask me.
It means that a billion dollar corporation that put security high on its agenda for several years now still can't create something that is secure against well-known attacks, and can't keep up with patches and let's not even talk about pro-active security.
True, there is no such thing as 100% security. Even OpenBSD has had its 0-days. But we're not talking about 0-days here, we are talking about known threats that have been out there for months.
Assorted stuff I do sometimes: Lemuria.org
Windows 8 is not "immune" to 85% of malware any more than Linux is... The malware was simply never written for windows 8 and is subsequently incompatible with it. Once malware is specifically written to target windows 8 the situation will change.
Windows 7 also suffered very low malware infection rates when it was first released, it just took a little while for new malware to be written and for it to propagate.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
Win 8 + BitDefender still being infected by 15% of malware is HORRIBLE.
Seems more realistic.
The problem with most of the security lockout proposals is a question of WHO HOLDS THE KEYS. With Android, most devices are rootable, meaning consumers have the keys. That is not the case for most lock-down systems: it is about user control almost more than security.
86% of malware not yet compatible with brand new version of popular operating system, just released. Film at 11.
More like "ease of use" requires that the computer do stuff for you far more than "solid computer system" does and one of the things computers can do for you is run a virus for you without telling you about it.
The other thing about Linux being open is that you get to see every vulnerability, whereas Windows can have vulnerabilities patched out without you knowing they existed (but the virus used it). It makes the count skewed. You can see 100% of one, and a smaller fraction of the other.
Micro$haft sucks!
Windows 8 Incompatible with 85% of the Most Widely Installed Software
http://alternatives.rzero.com/
This is a lot like saying "This is great news! We only need to remove 15% of your penis! You should be grateful."
"I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
Your assertion "don't work anymore because, well, different codebase, different" is at fault. It probably is largely the same cruft they have since 1995 in many, many core parts. That's why viruses are often "compatible."
..M$'s marketing message ??? Everybody with a clue knew this was the good-old hairball in a fancy new dress. Take off the dress and find the same old lice in the hairballs.
Funny the Robert Morris Worm got to UNIX though eh? See here -> http://en.wikipedia.org/wiki/Morris_worm
(As far back as 1988 no less...)
---
PERTINENT QUOTE/EXCERPT:
"The Morris worm or Internet worm of November 2, 1988 was one of the first computer worms distributed via the Internet... It is considered the first worm and was certainly the first to gain significant mainstream media attention... The Morris worm worked by exploiting known vulnerabilities in Unix sendmail, finger, and rsh/rexec, as well as weak passwords."
---
* NOW, what was that YOU said again about security on UNIX?
"the *nix model is a good one... It was designed for security and it was Unix." - by raymorris (2726007) on Saturday November 10, @12:47AM (#41940085)
(HOW IRONIC! I just noticed YOUR LAST NAME, is morris, upon quoting you... lol!)
It was "good", until the hacker/cracker type started "probing" it & poking around in it, exposing the weaknesses in it & apps that run on it... same will happen to Windows 8!
It's not so much the OS being exploited anymore as it is the apps or middlewares that "ride on it", ala Flash & other "browser plugins & toolbars", Java, Javascript, iframes, ActiveX (IE), etc./et al...
NOW - Personally, I do LIKE some of the new features in Windows 8 though (beneath the foolish tablet/smartphone-based "metro" interface that is):
---
Guard Pages -> http://news.softpedia.com/news/Chris-Valasek-The-Windows-8-Heap-Manager-Is-the-Most-Secure-to-Date-282466.shtml
Chunk Randomization -> (same link as above)
And, my "favorite" (not really security-related as much as the other 2 above): Self-Terminating Services - which means services (like *NIX daemons) finding themselves inactive, "auto-magically" shut themselves DOWN... this saves "tuners/tweakers" a bit of work, since we've been doing services tuning since, forever (myself back into the Windows NT 3.51 days onward to present into Windows 7 64-bit, currently)...
---
(HOWEVER - like I said above, & you guys all pretty much KNOW this too: The apps will be "targeted-for-termination" more than ever! History above even shows us that on UNIX... So, is that a "bad thing"?? Yes, sure, initially... but, not when the bugs & security holes "shake out", & they WILL, eventually!)
APK
P.S.=> Also, again - lastly: Hate to "burst anyone's bubble", but the original UNIXES were NOT designed with security in mind... No more than the internet was!
In fact, & this is some "interesting trivia"?
UNIX was designed initially for TEXT PROCESSING WORK -> http://www.ibm.com/developerworks/aix/library/au-textprocess.html
PERTINENT QUOTE/EXCERPT:
"The origin of UNIX® lies in simple text processing"
"Believe-it-or-not"...
... apk
So MS still has the most vulnerable system (which might be caused by market success).
Some may still have to use the half-baked solutions (like Sophos) which might bring more security problems than they actually solve.
And all the others will have to slow their system with on-access scanners, because MS could not come up with a working solution (i.e. sandboxed applications)
Saying "smart user" means that such a user never makes a mistake or clicks the slight off or any number of accidental things that happen in Windows.
No the best thing to do is engineer a solution where bolting on software to monitor the user is the cheapest way to do it and it is inadequate because it never solves the fundamental problem: Malware software are doing things no software probably shouldn't be allowed to do. Forget about detection where instead the focus should be on why those features and hooks into the OS exist at all.
Unfortunately, windows 8 also defeats 85% of users who attempt to use it to actually do something useful (as opposed to just oohing and aahing over the pretty tiles)
It's 85% secure.... but you're still running windows 8. So there's that.
Still a huge downside... unless it was so secure it kept you from running windows 8 at all.
House for sale. 85% of the roof doesn't leak.
Boat for sale. 85% of the hull has no holes in it.
Car for sale. Brakes work 85% of the time.
Most malicious programs simply do obnoxious but otherwise benign things. It is not possible to preemptively stop malware from doing something if an otherwise legitimate program would be allowed to do the same. Legitimacy is subjective.
There is a large difference between a malicious program that tries to overwrite the boot record or patch the kernel, and a malicious program which sends out HTTP requests. The former is easy to detect because as you said, it takes actions which no program, legitimate or otherwise, is allowed to do on a stock installation of Windows. The latter is otherwise indistinguishable from a web browser and can only be detected by comparing its behavior to that of a known malicious program, requiring developers to play a constant game of catchup.
This was a problem with Windows XP, the system and user were not properly segregated. Thus, it was common for malware to inject itself into system folders and without a proper antivirus it was almost impossible to detect it. When UAC debuted with Windows Vista many of these attack vectors were supposed to disappear and they did. Unfortunately, it took developers about 5 years to get out of the Windows XP development style and to stop mixing application data and user data. Once a program is installed, there should be little to no reason to put user data in the same location, that's what home folders are for. Users simply clicked "yes" to UAC every time it popped up, or disabled it completely. As much as I wish it were possible to do so, it is not possible to patch stupid.
The exact same security vulnerabilities exist in Linux. Any malicious script or program will have unfettered access to the entire system if the user can be convinced to put 'sudo' in front of it. Any Linux admin knows better than to install something that they don't trust, the same cannot be said for Windows users, who often install pirated software and the malware that comes with it.
Gee. You just fired 100 bullets at me, and only hit me with 15 of them... give my regards to Broadway! ... thud.
Purchased by who? Vendors of new PCs and residents of asylums around the world? No one cares! Maybe, just maybe, more machines will be running Windows 7 than Windows XP shortly. Since no one is running it, no one is looking for vulnerabilities, ergo no malware.
The world has moved to iMoble devices which are mostly locked down.
Funny.. You are joking I hope..
In other words Windows 8 is vulnerable by design, otherwise they would have fixed the known vulnerabilities before releasing a new product.
I just wanted to point out apps get attacked once the OS is fairly secured - even *NIX shows us THAT MUCH, via the Morris worm!
(By-the-by - lol, I like your "alien invasion" analogy!)
HOWEVER: This part I have to disagree with:
"Windows never could close its security holes because you can't retrospectively change bad design decisions without breaking most of your backward compatibility." - by 1s44c (552956) on Saturday November 10, @02:01PM (#41944163)
How/Why?
Well - since I practically "wrote the book" on how to secure a Windows machine (since 1997 in fact):
To "immunize" a Windows system, I effectively use the principles in "layered security" possibles!
http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE
I.E./E.G.-> I have done so since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:
http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text
& from as far back as 1997 -> http://web.archive.org/web/20020205091023/www.ntcompatible.com/article1.shtml which Neowin above picked up on & rated very highly.
That has evolved more currently, into the MOST viewed & highly rated one there is for years now since 2008 online in the 1st URL link above...
Which has well over 500,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:
---
1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))
---
Across 15-20 or so sites I posted it on back in 2008... & here is the IMPORTANT part, in some sample testimonials to the "layered security" methodology efficacy:
---
SOME QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:
http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=2
"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral
AND
"APK, thanks for such a great guide. This would, and should, be an inspiration to such security measures. Also, the pc that has "tweaks": IS STILL GOING! NO PROBLEMS!" - THRONKA, user of my guide @ XTremePcCentral
AND
http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=3
"Its 2009 - still trouble free! I was told last week by a co worker who does active directory administration, and he said I was doing overkill. I told him yes, but
I know, eh!
I don't get the Windows Eight Hate. I've heard nothing concrete about why it's supposedly so terrible. Does it have lots of driver problems? Is it slow and bloaty? Does it crap out on legacy hardware? Does it have huge security holes? (Which don't require the user to click, "Yes! Please install this malware I downloaded from my favorite porn site!")
I've heard nothing negative on any of those fronts, with the possible exception of walled garden type issues sprouting up, but again, nothing concrete on that either.
So really, I think it might actually boil down to simple aesthetics and some kind of ephemeral popularity contest of the "Luke is a whiner!" type crap, where people don't actually have a problem with anything real but simply want to fit into the crowd by re-tweeting whatever memetic bullshit happens to be flying around the coop that day.
And as I understand it, with a click or two, you can make the Win 8 touch interface go away and get into an old-style windows explorer. So what's the big deal?
I know that people can be shallow and ignorant, but every now and again I find myself sincerely baffled by the herd. Are people really, honestly that brain damaged? Is everybody truly operating at a grade 5 emotional level?
Looks that way some days.
Or maybe I'm wrong, and Windows 8 really does suck. Guess I'll find out some day when I get a new computer.
Linux is immune to over 95% of users!
The rest of us have a terminal fascination.
Those who advocate genocide deserve every protection afforded by law, and none afforded by common human decency.
Sudo is not always equivalent to root, and SELinux can still put constraints on it anyway. Ubuntu and derivatives disable the root account by default; your more "appliance-like" distros (e.g. Meebo) will lock down things even further. It's relatively simple to configure what sudo will or will not do -- as a system administrator. It's not exactly grandma-friendly, though: sensible defaults are key.
I don't know about other people's use-cases. I need root on a wide variety of commands; restricting sudo on my (Debian) desktop would be more trouble than it is worth. Security always comes at a cost of usability.
The other consideration is that Linux users are, by and large, not downloading programs and scripts off the internet: Most programs are acquired through cryptographically signed repositories. IIRC, there have been a small number of cases where malware has been injected into an official repo, but to a first order approximation it doesn't happen. Win8 would have had a similarly good system with their App store, but they have API restrictions (Metro) which may not go over very well.
The rest of your points notwithstanding. Way too many Windows users are still stuck on XP, and a significant percentage of the rest disable UAC.
It's worth noting that security problems are more of an issue in single-user environments. A competent sysadmin is somewhat of a rarity, but if the NSA's documentation is anything to go by, the level of security achievable with Linux and Windows is pretty comparable -- in the same ballpark anyway. Now if you'll excuse me, I have to go flagellate myself for having said that. ;)
Those who advocate genocide deserve every protection afforded by law, and none afforded by common human decency.
once they support all of my current virus variants that will get modded to be included in that 15%. Does security really sell that much?!?! Apple has never stopped trying to make us a load of controlled idiots that believe that just because something is signed then it is more secure even when using technology from the 70's (objective ... c).
READ IN MONTY PYTHON VOICES, midstream:
JOHN CLEESE: "Protects against all security threats by which means someone wants to take over your wireless printer to print ASCII pr0n! Absolutely *NO* Word 2003 viruses get through. My life's work has been leading up to this."
ERIC IDLE: "Excuse me. I rather like the ASCII pr0n. The problem that I'm facing is that I run a facility --"
"Yes?"
"-- a facility that processes certain *material,* let us say --"
"Yes? Yes? Out with it, man!"
"-- is rather sensitive."
"How do?"
"We're making a nuclear bomb."
"Ah, well why didn't you *say* so?! We've got all kinds of help for you in that case ... "
jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5