back to article Fight malware by upgrading to Vista, urges MS

Microsoft is pushing improved malware defences as a reason to shift over to Vista. Systems running Microsoft’s latest operating system recorded 60 per cent less malware infections than XP, according to figures obtained using Microsoft’s malicious software removal tool. Ben Fathi, corporate vice president of development for …


This topic is closed for new posts.
  1. Andy Worth

    Closer to the truth

    More like no-one can be arsed to sit and fiddle with Vista for long enough to discover the vulnerabilities. I remember when they said the same sort of thing about XP (increased security etc.) and how long did it take for the "features" to start being exposed?

  2. Anonymous Coward

    Is "secure" even in the Microsoft directory?

    "60 per cent less malware infections than XP"

    So we are supposed to be happy that the typical Vista box is only half as infested with malware as the typical XP box?

    This must be a new meaning of the word "secure" I was not previously aware of.

  3. Keith Turner

    Red rags and bovine stuff

    "Systems running Microsoft’s latest operating system recorded 60 per cent less malware infections than XP"

    Give 'em a chance, they're still having fun with XP/ME/W98 users.

  4. Anonymous Coward


    Presumably urging them to upgrade to Mac OS X wouldn't have looked too good on their business plan, eh?


  5. Anonymous Coward
    Anonymous Coward


    Lets get it straight Vista is malware. At least the version I have got is.

    Redmond, ever heard “if it ain’ broke don’t fix it”?

  6. Jude Bradley

    Absolute FUD!

    To paraphrase Paul McCartney on his album RAM to M$ (no pun intended) I can smell your crap a mile away

  7. Tawakalna
    Gates Horns

    ha-ha..**dy ha. As if.

  8. M

    Vista is better at fighting off Malware....

    ...oh really! Shame that the Open University had drummed about the statistics are nothing but damn lies.

    So reckon you did better go back to drawing board as why we ought to buy Vista...!

  9. Anonymous Coward
    Gates Horns

    Car manufacturers should try it..

    Imagine Ford if they said:

    "Sick and fed up of people stealing your Ka? Sick and fed up of it breaking down? Sick and fed up of it crashing?

    You need to upgrade to a new Fiesta : more reliable, more secure"..

    The Cheek of Microsoft really does amaze me sometimes. "Looking back on it our last product was crap.. so please buy our new one"

    Still I suppose Gillette do it all the time with their razors so why not Microsoft.

  10. Andrew Moore


    Vista IS malware. It's rather like saying 'Fight VD by contracting syphilis"

  11. Jaap Stoel

    Better then life!

    Yes Vista has better security then Linux!

    Of course there's a smaller infestation of vista systems. With the majority of users still running XP its not smart for a developer to target vista vulnerablities.

    Please go on, make me laugh some more

  12. Anonymous Coward
    Thumb Down

    Yeah yeah yeah

    Upgrade to improve protection against malware!

    They said that about 2000, and XP.

  13. Hedley Phillips

    Vista is a virus

    Vista is unusable.

    We couldn't even copy files from one directory to another. It sat calulating the time it would take to complete the task and then the copy window just decided to vanish.

    I ended up using xcopy in dos to perform the move.

    I then tried to burn a DVD. It froze and I had to pull the power cable out.

    How on earth did this piece of rubbish ever get released?

  14. regadpellagru

    Vista more secure than Linux ? Not.

    "Ben Fathi, corporate vice president of development for Windows, claimed on Tuesday that Vista experienced fewer security vulnerabilities than either Mac OS X, Windows XP or Ubuntu Linux."

    I won't be making comments on Vista vs. XP or MacOS X, apart from the usual "less Vista than any of the others, thus have the numbers been compared fairly ?", but the Vista vs. Linux, I'd like one day to get a demo on how you infect so many Linux boxes so as Fathi has anything close to a valid point.

    I've put my Linux PC direct to the net, unfirewalled, for years before DSL routers were the norm, and never saw any malware/virus or anything like that. Anyone up for doing the same with Vista for 8 months ?

    Is this Fathi guy of the same family as Ballmer ;-)

  15. Jan Buys

    So what they mean is ... ?

    ... that even malware writers cannot get their software to run properly on a Vista box?

  16. Tom

    Like preventing forest fires with a flare gun

    They say Macs/unix... don't get attacked because no one uses it.


    No one uses vista, but it's not attacked because it's more secure. Wait another year and see how it's standing up then.

  17. Dan
    Paris Hilton

    I wonder whether

    Paris Hilton has upgraded yet

  18. Morely Dotes
    Paris Hilton

    @ Dan

    Paris hasn't upgraded because she doesn't know how to boot the Ubuntu CD.

    Dumping M$ and installing a *real* OS is what you meant by "upgrading," is it not?

  19. Bill Buchan


    Who needs virii and malware when Vista deletes, hides or locks your files so you cant get em ? (Dont get me started on the DRM..)

    I suffered that POS for two months, downgraded to XP after it started deciding to delete my home folder, and then bought a Mac. In fact, three (whole family) and am now rampaging through my test infrastructure, removing MS Win2k3 and replacing it with Linux.

    I'm aiming to not be reliant on an MS operating system by the end of the year. Sure I'll have test machines, but nothing my business relies on. As befits Windows *legacy* status.

    If you want to avoid Malware, just avoid MS.

    --* Bill

  20. Andy Bright

    Vista is Malware

    Let's forget for the moment that Vista is susceptible to viruses over a decade old and pretend it really is a safe computing environment..

    Let's ignore the fact that the software required to protect you from malware never seems to be intelligent enough to protect against new viruses, worms or spyware - and probably slows your computer down as much as the malware it pretends to protect your from.

    My contention is that Windows XP running on a popup generating, spam bot is more efficient than Vista in any of its forms - even with Aero switched off.

    Sure popups are annoying ("Application XYZ is trying to install software - Allow.. Deny.. etc") and use of your bandwidth to spew spam means slower downloads ("Your Antivirus definitions have been updated", "Updates are ready to Install"). And absolutely worms that reset your computer can mean the loss of work ("An important update was installed and your computer has been reset"), but when the OS itself is more resource intensive than the worst spyware - something is seriously wrong.

  21. Eddie Johnson

    Please don't Spread MS's Lies for Them

    Please don't mindlessly parrot whatever TLA MS makes up without investigating whether it actually does something. You mention User Account Control (UAC) and I have to wonder what this is beyond the basic concept of NOT HAVING EVERY FREAKING IDIOT LOGIN AS ROOT, something that Unix has had for 30+ years. Seriously. If MS hadn't spent the NT/2K/XP years encouraging everyone to create an admin account would we need UAC? Kind of like their System File Protection (SFP) which they created because they never figured out how to acually use NTFS protections to accomplish what they were designed for, preventing unauthorized file modification.

    Patch upon patch upon poorly designed foundation, that's the MS design paradigm.

  22. Glenn Gilbert
    Thumb Down

    ONE malware infestation is too many...

    > Systems running Microsoft’s latest operating system recorded 60 per cent less malware infections than XP

    That's the most absurd thing I've ever heard. OK, not ever, but certainly the biggest tosh that's spouted from Microsoft's derrière for a while.

    So, as I understand it, this means that XP is crap and Vista is better. XP has, say, 100,000 malware infections and Vista has 40,000?

    I don't care if it's 40 malware infections against 100, as ONE malware infestation is ONE too many as it's the ONE that buggers up your machine. I have *never* heard of an OSX or Linux system that's ever been infested outside of a lab.

    And who the hell wants Vista? My only limited experience was where it took 8 hours to install Office 2007. Copying the CD to back it up to the hard disc took forever.

    After 18 years working with windows (since Windows 2) I've decided I'm skipping a version.

    Goodbye Microsoft, for you are truly away with the fairies.

    BTW if something is 60% less than something else, this doesn't mean one thing is 100 and the other 40. It means that one thing is 100 and the other is 62.5, i.e. 62.5 x 1.6 = 100. Which makes the malware situation worse. Unless my 'riffmatic is 'rong.

  23. Anonymous Coward
    Anonymous Coward

    Exposure time...

    Vista probably does present less risk to the Microsoft consumer.

    After all, risk is proportional to the amount of *exposure time* or time actually using a Microsoft OS.

    People like Vista a lot less than XP, and it is more frustrating to use and slower. Plus, many people feel their privacy has gone out the *window*, with Vista DRM watching their every move while using their computer. And they are more likely to switch their machines off in frustration after being told what to do by Microsoft's latest creation for an hour or so.

    So, less time using their computer = less exposure time and risk.

    (Alternatively, anyone now can load non-proprietary, no-spyware open-source OS's such as Linux on their PC's and enjoy a truly secure computing experience, or use a Mac, which is proprietary but at least non-Microsoft, but to each his/her own).

  24. Andrew Yeomans

    Fathi's vulnerability slide at RSA

    ...came from the Jeff Jones report comparing the number of vulnerabilities found during the first 6 months of each product's life. See page 10 of as mentioned on

    Jeff doesn't actually say that Vista is more secure, but does say "Windows Vista has an improved security vulnerability profile over its predecessor and a significantly better profile relative to comparable modern competitive operating systems."

    Any flames have probably been said already in the Slashdot articles linked by Jeff.

  25. Geoff Mackenzie

    Re: Syphilis as VD protection

    ... Yup, although Herpes will do. You won't catch anything else if nobody will fuck you.

    I prefer to write my malware for a stable platform. :) Anyway, how come the "minority systems seem more secure because less people target them," argument only works for Microsofties?

    ...and another thing: not fair comparing all vulnerabilities in Ubuntu plus numerous apps to vulnerabilities in a barely functional, minimalist desktop toaster OS alone. Compare Vista, Office, IE, and Media Player vulnerabilities to vulnerabilities affecting the Ubuntu 6.x-7.x (the timing works out, more or less) desktop edition default install and we're approaching fairness, though it's still worth factoring in the fact that the Windows boxes in question are, in the main, bogged down with a ton of malware condoms while the Linux boxes stick their - er - necks out, generally getting away with it quite nicely.

  26. neil

    Fair comparison?

    "Vista experienced fewer security vulnerabilities than either Mac OS X, Windows XP or Ubuntu Linux"

    Is this the old M$ FUD comparison of just Vista (used to be XP) as shipped against the typical full Linux distro with every package? I think they should also count every windows app and their security vulnerabilities for a real comparison.

  27. Aubry Thonon

    Old Joke.

    Hacker 1: "I heard that if you play the Vista CD backwards you get a satanic message."

    Hacker 2: "That's nothing - if you play it forwards, it installs Vista!"

  28. Dr. Vesselin Bontchev
    Thumb Down

    What a load of crap

    "Systems running Microsoft’s latest operating system recorded 60 per cent less malware infections than XP, according to figures obtained using Microsoft’s malicious software removal tool."

    Of course! 60% of any old software doesn't run on Vista at all. (No 16-bit application works, for instance.) That doesn't argue for the security of Vista - it argues for its incompatibility. When Windows XP appeared, many malware programs for Windows 9x (e.g., boot sector viruses) stopped working. That didn't make the users more secure - it just phased out the obsolete malware. Of course, new malware was created and took the freed place. The same will happen with Vista.

    "Vista contains improved security features such User Account Control"

    While a great security feature for the security-minded, the UAC's intrusiveness is totally intolerable by the average user and gets quickly turned off.

    "Fathi left the stage without fielding questions"

    How convenient.

    "Often the weakest link stems from users, Fathi argued."

    Great observation. Let's eliminate the users of Microsoft's products - it will improve security a lot.

  29. BitTwister

    Desperate measures from a has-been

    If they really meant any of this utter nonsense then they'd be fixing the vulnerabilities in their PREVIOUS releases - the ones currently responsible for generating all this crap because they've been own3d, and not trying to get everyone to upgrade to the chrome-plated turd that is Vista. Of course, the extra income generated by such upgrades has nothing to with it at all. Oh no, nothing at all.

    Crap that (allegedly, and ad nauseum) is 'more secure' than their other crap is still crap.

  30. Remy Redert


    By comparison, those first 6 months sure do look favourable. Ofcourse, linux was written originally by a bunch of code monkeys trying to get something that resembled a working OS, then recoded several times over and patched up from scratch.

    The linux kernel did not start out as an extremely secure basis for an OS (Though it was by design certainly a lot safer then XP already), it started out as a good idea, with a half decent implementation and a LOT of unexpected problems.

  31. Dennis Price

    Eh, who cares.....

    ...I've been running Vista Business since it came with my MS Partners action pack thingy and I'm cool with it - after I turned that damn UAC crap off anyway. (kudos to El Reg for the upgrade-clean-install link)

    One issue I've found is that Dell, HP, et al put the minimum amount of ram in their machines for Vista - run at least 2 gigs and it works fine - and don't bitch at me about compatability, everything works on this office-built comp right out of the plastic cd holder Vista came in.

    I'm still waiting for the issues with Vista that folks seem to be having... waiting with my office of 10 Vista workstations connecting with Win2k3 fileservers.

    Just from all the bitching, I must be the only one around with a decent Vista network... and I'm not THAT good - just good enough.

    Again, Who cares? Works for me.

  32. Sandy

    What's all the fuss?

    My notebook is an ASUS VX2 that came bundled with Vista Ultimate and it works, ultimately. The reason it works at all is because I've set my rig up to dual boot with XP.

    Vista is not a functional OS and everyone that's tried it knows that.

    Just try unzipping a compressed file... badabing! You have an empty file!

    So, if you want to do perform some sort of impromptu computer maintainence (i.e. heaven forbid, a driver update!!!) you can download it with Vista, then reboot into XP to unzip the file, then reboot into Vista to install the file.

    Having said that, it's more than abundantly clear that after an operation like that you have exposed your PC/systems to not just one, but TWO discrete events of potential malware attack.

    All things considered, it is more correct to say that using Vista to it's optimal standard is 140% LESS secure than using XP alone.

    I don't know where the Microsoft marketting team gets their gall. Historically, only monarchies, politicians and clergymen have been able to get away with this sort of thing.


    PS: Apparently ASUS is also intimately familiar with the challenges that go along with attempting to operate high quality hardware with disfunctional software. Hence, their website now provides a complete offering of XP drivers for VX2 notebooks.

    PPS: Actually, I like Microsoft products (the ones that work). I just wish they wouldn't use the "unwashed masses" (i.e. me) to alpha test their software products. Vista is very similar to WinMe, in that it fails to perform to an acceptable standard. Microsoft should consider that in their performance evaluations of their executive staff.

    I.e. I can't imagine an entire staff of junior compilers deciding they just don't give a f**ck about the projects they are working on.

    However, I can imagine an executive oligarchy that is more focused on their own performance benefits and personal portfolios than anything related to product quality.

    Note: I disenclude the Microsoft marketting staff from the immediately former comments. It's their place to sell product with no consideration whatsoever to quality, and they're doing one hell of a good job.

  33. Anonymous Coward
    Black Helicopters


    I'll tell you why it's "more secure" than XP - it's because Vista can't get on the Internet to contract anything! A lone man on a desert island isn't going to catch a VD, and a lone Vista machine - no matter how well it runs otherwise - isn't going to encounter malware (although I'll agree it's malware itself) if it's not online because IE7 isn't cooperating, or cooperating so badly that the only way you can get someone online is to download Firefox or Opera, which are both more secure browsers than the more-holes-than-swiss-cheese-IE. I work at a help desk supporting PCs for a retailer (doesn't want to take too many returns back, y'know), and the two most common Vista issues I've taken calls on: IE7/networking and unsupported older drivers giving it a stomach ache. Full Factory Reinstall, anyone?

    Dennis - count your blessings. I think one of the reasons you are so lucky is because you are using the Business edition, which I believe doesn't come with all the bloat and crapware of the standard consumer versions. Can't alienate their precious corporate customers; it's only the average consumer that gets to have M$'s failures rammed down their throats.

  34. Angus


    Why would anyone with half a brain want to upgrade to VISTA?

    When it came out, I thought I would see how bad it was. So, I dutifully backed up my old system using the XP backup utility and installed a clean version of VISTA. After a few issues I finally got it installed......

    Right, I thought, let's get my data restored....

    WHOA steady tiger...can you imagine my complete dismay to find that the data.bkf file that I created in XP could not be read by VISTA because it was not compatible????? Why, why, why, would you allow this so very fundamental balls up to be released to a public that was already sceptical about the crap that MS releases??? To get over this hurdle, MS revealed that you have to download a utility from their website to be able to read your old backup files!!! Wait for was called "NTBACKUP"...FFS!!! So in the newest version of the OS, you cannot read your old backups without downloading a utility designed for the version of the OS that is 2 releases older than the one you are releasing!!!!! I almost fell off my chair!!

    I did what any sensible person should do.....went out and bought a MacBook Pro and switched to Mac...I have never looked back. It works, it never crashes, it performs sooooo much better, it is stable, functional, better to look at and I actually trust that I can do online shopping on it!!!

    Save your a Mac...

    Angus Glover

  35. James Condron

    @Dennis Price

    Calm before the strom, my friend. Is it not possible that you're having some issues, but no more than before? I fail to believe for a moment that anyone has a set up that *Just Works*. Even the Mac fanboys (fairy boys?)

  36. Anonymous Coward
    Gates Horns


    "Technology on its own can only help mitigate, not eradicate, malware problems. Often the weakest link stems from users, Fathi argued."

    Ya know, he's got a point there. Aside from all software issues, Windows boxes have more malware infestations because they are owned by stupid people. QED.

  37. Anonymous Coward

    Divided by a common language...

    > "60 per cent less malware infections than XP".

    So, what he means is that Vista gets the same number of infections, but those infections are 60% smaller... :-)

    In English (still spoken and written, with the words spelled correctly, and in a grammatically-correct fashion, by some people over here), we would say, ""60 per cent fewer malware infections than XP".

    Or maybe that's what he really meant to say?

  38. Anonymous Coward
    Anonymous Coward

    Fight fire with gasoline

    60% fewer malware infections until more people start using it...then we are all back to Square One.

  39. Parax
    Gates Horns

    Subliminal messages

    is it me or is Fathi a secret hidden anagram?

    You need blind faith to buy Vista.

  40. Anonymous Coward
    Anonymous Coward



  41. Danny
    Jobs Horns

    Just like Dennis Price

    I too am still waitng to see all these problems that people keep mentioning. I have been running Vista business x64 for over 6months evaluating it to see if it is worth migrating from XP. As of yet I can't say it has any distinct advantage for us to do so, but I am more than happy with it's performance on my machine with a measly 1Gb memory. I have had no stability issues, all my hardware is recognized, no slowdown even when running multiple programs and this is on a custom built box, not an OEM one that would have had any issues dealt with by the manufacturer. So far it has never crashed once. The only annoyance is that they still not brought out a completely working adminpak so I can manage network settings from my PC, but it's easy enough to rdp to the server.

  42. Dennis Price

    @James Condron

    "Calm before the strom, my friend. Is it not possible that you're having some issues, but no more than before? I fail to believe for a moment that anyone has a set up that *Just Works*. Even the Mac fanboys (fairy boys?)"

    Well I've been running Vista Business since the end of January and thus far the only real issue (self-inflicted gunshot wounds by my staff don't count - would of happened no matter what they were "operating") has been IE deciding to use italics on damn near any webpage. Figures it would be MY machine and no one else's. Replaced the fonts with non-corrupt ones, used the accessibility settings to force the issue but I don't like that either. Sigh - somebody will get it figured out via dejanews... whoops... Google groups eventually.

    Other than that, Vista HAS just worked. (my benchmark? I have three sons who liked breaking into each others NT accounts so they destroy my MS installs. Win3.1: immediately, NT about three months, Win95: two months, Win98: two months, Win2000: four months, XP Pro: 6-8 months, and Vista Business? Running since about Febuary 1 and zero reinstalls. Incrementally getting better on the Microsoft side.)

  43. JC
    Thumb Down

    60% Deceit, 40% Pork

    What a deceitful claim about Vista & 60% less malware reported by the scan tool, when used to prop up their marketing.

    Look at the context. Brand new Vista boxes not running for even 6 months on average, maybe not even having any user-installed 3rd party software yet, versus years old XP boxes exposed multiple times as long.

    The key element here is that the Vista users still felt their Vista boxes needed to be malware scanned, and a large percentage of the time they were right!

    Yet again MS fails on one of their core marketed features, but thanks anyway MS, my computer was too fast to keep up with and had far too much available memory for applications in XP.

  44. Anonymous Coward
    Anonymous Coward

    Vista Users Live In Vacuum

    Those running Vista who say it's doing good opposed to XP are missing the bigger picture here. XP also works good for millions, neither is perfectly running for 100% of the user base but one has matured through service packs and patches while the other has not, leaving the less mature one posing more problems for more users.

    Does it make you stupid for running Vista? Of course not, a new toy is fun to play around with, but if you're claiming it has important improvements you miss the point in that rest of world plus dog manages to use XP without the line-item marketing drivel.

    Someday Vista will seem great oppposed to the next beta that comes after. Until then running a mature OS with all major issues resolved is the only sane serious, let alone professional OS to use. Otherwise your positive experience with Vista is just a lottery as it was with XP and it's predecessors early in their respective product lifecycle.

    On a side note, what's with all the MS viral marketing postings on the reg?

This topic is closed for new posts.