When I started reading my RSS feeds this morning, one of the first headings that caught my attention was this one: “Microsoft lies about Vista being the most secure Windows ever”. Since it is from a Vista blog that usually has good stuff, I clicked into it. After reading about the meaningless data that is supposed to support the claim of the heading, I just thought, okay, good job, you lured me to click on this. Very funny, really! Then I moved ahead and was quite surprised how many news sites took the same bait. So my second thought was that I am missing something here.
- Pip install Boto3 - Thu, Mar 24 2022
- Install Boto3 (AWS SDK for Python) in Visual Studio Code (VS Code) on Windows - Wed, Feb 23 2022
- Automatically mount an NVMe EBS volume in an EC2 Linux instance using fstab - Mon, Feb 21 2022
So what is behind all this? The source of this new Vista bashing campaign is Simon Clausen, CEO of PC Tools, a security vendor. This is how InformationWeek cites him:
Ironically, the new operating system has been hailed by Microsoft as the most secure version of Windows to date. However, recent research conducted with statistics from over 1.4 million computers within the ThreatFire community has shown that Windows Vista is more susceptible to malware than the eight year old Windows 2000 operating system, and only 37% more secure than Windows XP.
If you are an IT pro, you probably already smell a rat. If a security vendor claims that a new Windows version is not really as secure as Microsoft wants us to us believe, then something fishy might be going on. But if this were the only thing one could say about this case, I wouldn’t have started writing this blog post.
What I find interesting is how many news sites pounced on this story without even taking the time to read the data provided by PC Tools. Everyone who knows a little about computers should be taken aback if such “evidence” is provided:
Vista let 639 threats per thousand computers through, compared with 586 for Windows 2000, 478 for Windows 2003, and 1,021 for Windows XP.
Later the author makes it even more clear what this data implies:
Given an infection rate of 639 per 1,000 PCs, almost 64% of Vista users should have compromised machines.
64% of all Vista machines are infected??? I am pretty sure that mine is clean which means that it is quite likely that yours is running some malware while you read those lines. Well, I read quite a few articles on different news sites about this topic and none of them really questioned this data. A Techworld article made it even worse by mixing up infections with vulnerabilities which probably comes from the fact that a Microsoft spokesman was not able to keep these terms apart.
I am not sure if it even makes sense to try explaining this implausible data. But it could be that these numbers are not at all about infections, but about the alarms ThreatFire triggered. Since this software uses heuristics instead of signatures, most of those alarms are probably false positives. If that is the case, then you could as well measure the number of UAC prompts to gather data about the threats your computer is exposed to. Agreed, Vista’s UAC uses very crude heuristics to determine possible threats, but according to Clausen’s data, ThreatFire seems not to be that smarter.
The fact that Windows 2000 triggered fewer alarms than Vista is easily explained. Typical Windows 2000 users just launch their Word 6.0 every day and their browser once a week. The last time they installed software was when their grandchild came to see them and insisted on trying a new fabulous game which probably didn’t work on this outdated machine, anyway. Thus, the ThreatFire heuristics had fewer chances to trigger false alarms.
It didn’t surprise me either that Windows XP came off only third in this questionable contest. XP lacks so many features that their users are busy all day downloading and installing all those tools and features that Vista already has. Okay, that was a joke. 😉 I just thought some XP bashing would be nice, too. I leave it to you to find a better explanation.
Subscribe to 4sysops newsletter!
So this is how rumors come into being. I am pretty sure that many readers of these articles really believe now that Vista is more vulnerable to malware than Windows 2000. I think, this is a classic example how easy it is to convince people of something they really want to believe. And that’s why the Vista bashing industry is so successful.