Chicago (IL) - Microsoft has released another edition of its Microsoft Security Intelligence Report (MSIR), one of the most comprehensive reports on current global malware trends. Microsoft’s analysts point out that the overall malware removal rate on PCs climbed by 43% over H2 2007, which may not be entirely bad news, and that users looking for a more secure computing environment should stick with Vista and a 64-bit version of the operating system.
For about a decade we have grown increasingly used to reports that outline a horrific scenario of security and intrusion threats hiding on the Internet. Microsoft’s latest MSIR (PDF download) isn’t different, at least on the surface, as more and more malware seems to be making its way onto computers. However, the 150-page report isn’t entirely negative; it also appears to show some positive trends in the battle against malware.
Microsoft highlighted that the malware removal rate on PCs climbed by about 43% from H2 2007 to H1 2008. In absolute numbers, this translates to an increase from 42.2 million “disinfections” to 62.1 million, and from 15.8 million computers cleaned to 23.9 million. So, while the number of overall infections actually went up, the average number of malware instances went down, from 2.7 to 2.6 per PC.
Microsoft noted that the share of PCs with detected malware went up from about 8 in 1000 in H2 2007 to about 10 in 1000 in H1 2008. However, the company said that this number is not necessarily an indication of more malware; it also shows that anti-malware software is getting more effective and detecting more malware.
Adding to the positive news, Microsoft said that the total number of unique vulnerability disclosures across the industry decreased: Trojan sample numbers dropped by 34.3% and exploits by 9.0%. Viruses remain the strongest malware category and saw a slight increase (2.8%), while Trojan downloaders (+6.8%), backdoors (+21.8%), password stealers (+34.5%) and worms (+3.8%) became more frequent.
If there are any recommendations for PC users in this report and if Microsoft’s findings are correct, then we are told to drop Windows XP and move to 64-bit. 
According to Microsoft, the operating system with the highest infection rate was Windows XP RTM with 33.8 systems per 1000 computers. XP versions with service packs followed behind, with XP SP3 showing an infection rate of 9.2 PCs of 1000. Vista follows with 4.9 for the RTM version and 4.5 for Vista SP1. Microsoft found that the 64-bit versions of Vista are even less likely to be infected with 4.2 for the RTM versions and 2.3 for the SP1 release. The only Windows software with a smaller infection rate is Server 2003 SP2 with 1.0 units per 1000 systems.
Microsoft did not say whether the smaller infection rates are likely due to a higher experience level of the owners of such systems or whether the operating systems are much more resistant to malware out of the box.
It is interesting to note that the infection rate of Windows Vista SP1 is 48.8% less than that of Windows XP SP3. Service packs also seem to increase the security of the operating systems.
However, the added security in Vista has been somewhat compromised by new usage trends, Microsoft said. “The gap between Windows XP and Windows Vista has decreased in size somewhat since H2 07, which can be attributed to continued growth of the Windows Vista user base among the general population and to popular malware families’ heavy reliance on social engineering, which can deceive users into bypassing security measures, such as User Account Control in Windows Vista,” the firm wrote in its MSIR.




