New cybersecurity report from Microsoft details risks of running unsupported software

Today Microsoft Corp. released its Security Intelligence Report volume 15, which analyzes threat intelligence from more than 1 billion systems worldwide to provide in-depth perspectives on exploits, vulnerabilities and malware to help customers manage risk. Among other intelligence, the report examines the security risk that consumers and businesses face when using unsupported operating systems and software and looks at the implications of using Windows XP once support, including security updates, ends April 8, 2014. In addition, new telemetry compares the security of modern operating systems such as Windows 8 with older operating systems such as Windows XP that, according to  StatCounter ,make up approximately 21 percent of operating systems used today.

The report found these top three worldwide threats for those running Windows XP:

  • Sality. Malware family that can steal personal information and lower a PC’s security settings.

  • Ramnit. Malware that infects Windows executable files, Microsoft Office files and HTML files.

  • Vobfus. Family of worms that can download other malware onto a PC; it can be downloaded by other malware or spread via removable drives, such as USB flash drives.

The report found that in the first half of 2013, nearly 17 percent of computers worldwide running up-to-date, real-time security products from Microsoft encountered malware. Although Windows 8 encountered a similar amount of malware as Windows XP, computers running Windows XP were six times more likely to actually be infected with those threats.

“The data help illustrate the positive impact that security innovations in newer operating systems are having. Modern operating systems such as Windows 8 include advanced security technologies that are specifically designed to make it harder, more complex, more expensive and, therefore, less appealing for cybercriminals to exploit vulnerabilities,” said Tim Rains, director of Microsoft Trustworthy Computing.

Rains added that once security updates for Windows XP stop on April 8, 2014, security risks associated with continuing to use the outdated software will increase as cybercriminals seek to exploit newly discovered vulnerabilities. The last version of Windows XP to go out of support was Service Pack 2. In the two years following, malware infections jumped 66 percent when compared with Windows XP SP3, the version for which support ends next year.

“The importance of upgrading from Windows XP cannot be overstated,” Rains said. “We truly want people to understand the risks of running Windows XP after support ends and to recognize the security benefits of upgrading to a more modern operating system — one that includes the latest in security innovations, provides ongoing support and can in turn better protect them.”

Those wanting to download and learn more about the Microsoft Security Intelligence Report findings should visit http://www.microsoft.com/sir.