New cybersecurity report from Microsoft details risks of running unsupported software
Oct. 29, 2013
Findings highlight importance of using modern software to help protect against cybercriminals.

REDMOND, Wash. Oct. 29, 2013 On Tuesday, Microsoft Corp. released its Security Intelligence Report volume 15, which analyzes threat intelligence from more than 1 billion systems worldwide to provide in-depth perspectives on exploits, vulnerabilities and malware to help customers manage risk. Among other intelligence, the report examines the security risk that consumers and businesses face when using unsupported operating systems and software and looks at the implications of using Windows XP once support, including security updates, ends April 8, 2014. In addition, new telemetry compares the security of modern operating systems such as Windows 8 with older operating systems such as Windows XP that, according to StatCounter, make up approximately 21 percent of operating systems used today.

The report found these top three worldwide threats for those running Windows XP:

  • Sality. Malware family that can steal personal information and lower a PC’s security settings.

  • Ramnit. Malware that infects Windows executable files, Microsoft Office files and HTML files.

  • Vobfus. Family of worms that can download other malware onto a PC; it can be downloaded by other malware or spread via removable drives, such as USB flash drives.

The report found that in the first half of 2013, nearly 17 percent of computers worldwide running up-to-date, real-time security products from Microsoft encountered malware. Although Windows 8 encountered a similar amount of malware as Windows XP, computers running Windows XP were six times more likely to actually be infected with those threats.

“The data help illustrate the positive impact that security innovations in newer operating systems are having. Modern operating systems such as Windows 8 include advanced security technologies that are specifically designed to make it harder, more complex, more expensive and, therefore, less appealing for cybercriminals to exploit vulnerabilities,” said Tim Rains, director of Microsoft Trustworthy Computing.

Rains added that once security updates for Windows XP stop on April 8, 2014, security risks associated with continuing to use the outdated software will increase as cybercriminals seek to exploit newly discovered vulnerabilities. The last version of Windows XP to go out of support was Service Pack 2. In the two years following, malware infections jumped 66 percent when compared with Windows XP SP3, the version for which support ends next year.

“The importance of upgrading from Windows XP cannot be overstated,” Rains said. “We truly want people to understand the risks of running Windows XP after support ends and to recognize the security benefits of upgrading to a more modern operating system — one that includes the latest in security innovations, provides ongoing support and can in turn better protect them.”

Those wanting to download and learn more about the Microsoft Security Intelligence Report findings should visit http://www.microsoft.com/sir.

Microsoft releases its Security Intelligence Report twice a year to inform the public about the most prevalent global and regional threats so they can better protect themselves and their organizations. Volume 15 of the report includes new data from the first half of 2013.

Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.

Note to editors: For more information, news and perspectives from Microsoft, please visit the Microsoft News Center at http://www.microsoft.com/news. Web links, telephone numbers and titles were correct at time of publication, but may have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at http://www.microsoft.com/news/contactpr.mspx.

Read More: