Windows 8 Defeats 85% of Malware Detected In the Past 6 Months

An anonymous reader writes "Now that Windows 8 is on sale and has already been purchased by millions, expect very close scrutiny of Microsoft's latest and greatest security features. 0-day vulnerabilities are already being claimed, but what about the malware that's already out there? When tested against the top threats, Windows 8 is immune to 85 percent of them, and gets infected by 15 percent, according to tests run by BitDefender."

So, ... some built in security?

[TaoPhoenix]

Did any of the malware get past whatever new copy of Windows Security Essentials they cooked up especially for Win 8?

Re:So, ... some built in security?

[Anonymous Coward]

I understand not reading TFA, but did you even read the title?

Re:So, ... some built in security?

[Baloroth]

That is exactly what the story is about, they rolled that right into the OS this time (technically, into Windows Defender, which is enabled by default).

Re:So, ... some built in security?

[AmiMoJo]

They neglected to mention how many of the 15% that got through required user stupidity to infect the system. It will be interesting to see how long it takes for the first Metro based malware to appear, and how long before some of it sneaks onto Microsoft's marketplace.

Re:So, ... some built in security?

[fatphil]

They also neglected to report what percentage of MS Windows users have the required levels of stupidity.

Re:So, ... some built in security?

[NIK282000]

You'de be stupid not to use windows! Do you know how many offers I get for free vacations and cheap medication? I never see those popping up on linux.

Re:

[Anonymous Coward]

It's not due to "WSE". Windows 8 is highly incompatible with previous versions (google for all the stuff that wont run under W8 anymore).
In most cases the fixes required are very simple and I'm sure malware developers will be catching up fast.

Re:So, ... some built in security?

[aztracker1]

Any software relying on kernel level integration that changed won't work.. IIRC this includes some of the network stack this time around, as well as some of the filesystem interfaces. There's very little that won't work... the less advanced the software the more likely it works from all the way back in early win32 days (3.x) ... that said, a lot of that old software needs to install in an unprotected directory to work, not program files.

Re:

[Fishchip]

Shit, I must be a shill too, all my games and software work without a hitch. But, hey, whatever makes you feel better.

Re:

[joocemann]

Let me rephrase the abstract in a more clear and honest way.

"15% of Windows 8 Malware has not been blocked."

The abstract is too positive about the 85%. A condom that works 85% against STDs, in an orgy full of STDs (internet), is not effectively protecting you.

How do these numbers compare ...

[baresi]

... to those other similarly received OSs, Windows ME and Vista?

I'd take this with a grain of salt

[Sycraft-fu]

The reason being it is an AV maker releasing it. They have reason to want to say "Oh the built in AV scanner sucks, you should buy ours!" They may be stacking the results.

AV Comparatives puts MS Security Essentials at about 95% in their latest test, not 85%. Bitdefender is 99.2%.

However one reason for that is false positive rate. MS is willing to trade off some detection to keep it low, because users get pissed off and want to get rid of scanners with lots of false positives. MSE had 0 false positives, BitDefender had 10.

None of this is to say getting a better virus scanner isn't a good idea, just take anything from a company selling a product in an area with a grain of salt. AV Comparatives seems to indicate that wile MSE is certainly not one of the best virus scanners, it isn't bad.

Re:

[Baloroth]

It depends on your sample size and method. BitDefender took the top 385 malware recent, and came up with the 15% figure. I'm betting AV Comparatives took a much different, likely broader, sample. Makes sense that as you take a larger sample of less "popular" (which is more or less by necessity less infectious) and/or older (which is more likely to spread using now-fixed vectors) malware, the success rate will grow higher. I'd say the BitDefender method is more useful, as it selects the malware that you are

Re:

[TheGoodNamesWereGone]

Yahbutbutbutbutbutbutbut.... XXX HOT RUSSIAN BABES!!! Must....click.....can't.....withstand....arrrrggggghhhhhhh......

Re:

[TheP4st]

I see that you are a true gambler, risking infection on your PC and IRL.

Security Essentials = Windows 8 Defender

[deweyhewson]

Since Windows 8 repurposed Microsoft Security Essentials as its new Windows Defender, which is built-in to the operating system [microsoft.com], would these statistics hold true for Security Essentials on all systems, or are they unique to Windows 8?

Or is BitDefender just trying to stir up some business?

Banana Defeats 100% of Current Malware

[Eightbitgnosis]

Why, not a single malware application can be installed on a banana! They too are immune.

Therefore bananas are now the most secure OS

Re:Banana Defeats 100% of Current Malware

[Sabalon]

http://en.wikipedia.org/wiki/Banana_bunchy_top_virus [wikipedia.org]

Re:

[TubeSteak]

I would have gone with Panama Disease [wikipedia.org]
In the '50s, it wiped out the global monoculture that was banana farming.

The banana industry switched to a new monoculture, which they thought was immune to Panama Disease.
But the new banana is only immune to a specific strain, which is why Panama Disease is once again slowly spreading across the global.

Re:

[donaldm]

Why, not a single malware application can be installed on a banana! They too are immune. Therefore bananas are now the most secure OS

No that is not true the best is Apple. The problem you do have is deciding which version you want such as "Granny Smith", "Red Delicious", etc. However unlike the banana which can go brown fairly quickly compared to the Apple you do have to watch out for worms. :)

Re:

[uvajed_ekil]

Really? I've seen some pretty nasty looking, mold-infested bananas before. Hell, I can't even finish a bunch before at least one or two get soft and gross. I've been running Linux nearly exclusively for five years and it has never had the same problem, nor even one virus.

So what?

[Opportunist]

Reacting is always easy, that's why malware is so efficient. There are AV kits out there that detect 98+ percent of the current malware. Problem is not the malware we know about already, the problem is new malware that infects before patches can be applied and AV signatures can be updated.

OF COURSE a new system is more resilient against current malware. By the very nature that a lot of exploits simply don't work anymore because, well, different codebase, different handling of various things malware relies on. By that logic, MacOS is even superior to Win8 because because zero malware for Win7 can infect MacOS.

The more interesting question is why 15% (one in seven) malware threats still work on Win8.

Compared to Windows 7?

[edibobb]

How does an updated version Windows 7 with Microsoft Security Essentials compare? That information might make this article meaningful.

Opposite spins??

[AC-x]

That's interesting, the original security press release is quite negative - "Newly launched Window 8 is prone to infection by some 15 per cent of the 100 malware families most used by cyber criminals this year, even with Windows Defender activated, Bitdefender testing revealed." but somehow that's become a positive "Windows 8 protected from 85% of malware detected in the past six months, right out the box"

The original point is that Windows Defender can't detect 15% of this years most popular malware, that's not exactly great for an AV program, or maybe Bitdefender has just written a shill piece with a hand picked sample of unusual malware that trip most AV programs up to flog their own AV solutions?

At any rate the figures useless because they didn't compare it to a fully patched Windows 7 system or alternative AV programs, why did this even make the homepage?

Bitdefender sells security products

[Anonymous Coward]

Bitdefender sells security products. Can we get a number from somebody a little less biased, or perhaps somebody biased against microsoft? How about a consulting firm with a good reputation the prefers Linux, but grudgingly supports MS because they have to? Anyway, Bitdefender has an incentive for you to think Win8 is insecure. How are they defining malware? Stuff that says, "to install, please enter admin password"? If 15% of the "malware" comes with those instructions, it'll infect anything.

what you say

[hraponssi]

so what do the numbers mean? that there are a bunch of 0-days out there that they know but haven't bothered to report or fix in the last 6 months? so the stuff silently installs and does naughty things while you surf your daily dose of naked chicks? or if you download the exe, run it as admin and see what happens, then 15% of the time it works?

What are us techs suppose to do

[rsilvergun]

I keep wondering. Software keeps getting better because computers get faster and labor gets cheaper. If you throw enough resources at it it gets done. But most of us entry level techs make our daily bread fixin' up this stuff. It's another symptom of increased productivity. Things get better and better so there's less work to do. But if there's less work there's less jobs, and our whole society is built on Jobs. People can't stand the thought of someone getting paid and not working for it. Jesus, what would

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[uvajed_ekil]

Windows 8 allows 15% of previously-known malware to infect systems.

That's exactly what I got out of all this! 15% built-in fail, right off the shelf.

Incompatible

[jamesh]

If current malware won't even run on windows 8, are my regular applications going to fare even better?

I haven't read TFA, or the summary, but the headline tells me that Windows 8 has some _serious_ compatibility problems!

;)

Re:

[bloodhawk]

They don't fail to run because of incompatibility, they fail to run because win 8 includes defender by default which detects and blocks them.

Re:

[jamesh]

They don't fail to run because of incompatibility, they fail to run because win 8 includes defender by default which detects and blocks them.

oh come on. I wrote that I didn't read the article, or the summary, and even included a smiley at the end. Obvious Troll could be no more Obvious.

Re:

[uvajed_ekil]

Many old apps won't run, not because they are detected as malware or are inherently inferior, but so you'll have to pay more money for new one. Typical MS.

One in seven chance you die

[gelfling]

Ok that's pretty good for a brand new state of the art operating system. Remind me again what the fucking definition of progress is?

Buzzdock and Babylon

[tbird81]

These horrible pieces of spy/mal/adware that install from CNet need to be detected. I have not found a program that does so.

My computer now has the same odds as me

[Original Cynic]

Windows 8 now ranks in the same odds as having "Safe Sex" with an HIV positive individual. Thanks Microsoft.

Re:

[Stewie241]

Actually according to http://www.cdc.gov/hiv/law/transmission.htm [cdc.gov] the riskiest activity is receptive anal sex which has a risk of 50 in 10,000. If you're not catching the risks are significantly lower.

Re:

[uvajed_ekil]

Interesting analogy. To be safe, I will continue to refrain from having sex with whores, other dudes (especially the gays), and IV drugs users, and I will continue to avoid MS products as much as possible. Here's to Linux and safe, heterosexual sex!*

* I do not believe or assert that using Linux is anything like having sex, nor do I live in my mom's basement

Absolutely pathetic

[Tough Love]

Somebody writes as it it's ok to be vulnerable to 15% of the malware on the internet. That's roughly the same as being vulnerable to 100%. Let me try to get this straight... 15% is the new 0%?

85% holy shit!

[Osgeld]

meaningless to me ... whats 7's score? how about XP sp3 not ran by a retard and or parent? or even... thats not impressive compared to linux invulnerability to malware.

how about this, you have a 15% chance of being a victim of a crime ...

wrong way

[Tom]

Uh, isn't the actual news the other way around?

The most current version of the OS still is vulnerable to 15% of known threats? That's a pretty damning track record if you ask me.
It means that a billion dollar corporation that put security high on its agenda for several years now still can't create something that is secure against well-known attacks, and can't keep up with patches and let's not even talk about pro-active security.

True, there is no such thing as 100% security. Even OpenBSD has had its 0-days. But we're not talking about 0-days here, we are talking about known threats that have been out there for months.

Re:

[Tom]

I don't get the Windows Eight Hate.

For my part, it's not hate. It's simply two decades of experience showing that every other windows release sucks. Since Vista sucked and 7 was halfway decent, 8 is going to suck. Microsoft isn't one to break with long traditions, is it?

So basically, I don't hate it, I just don't care. My point was about how a specific perspective changes the message.

Incompatible...

[Bert64]

Windows 8 is not "immune" to 85% of malware any more than Linux is... The malware was simply never written for windows 8 and is subsequently incompatible with it. Once malware is specifically written to target windows 8 the situation will change.
Windows 7 also suffered very low malware infection rates when it was first released, it just took a little while for new malware to be written and for it to propagate.

anti-Microsoft headline

[tverbeek]

Windows 8 Incompatible with 85% of the Most Widely Installed Software

Win 8 sucks

[CapOblivious2010]

Unfortunately, windows 8 also defeats 85% of users who attempt to use it do actually do something useful (as opposed to just oohing and aahing over the pretty tiles)

Re:No platform is 100 percent secure?

[TWX]

Linux is not 100% secure. Linux is very secure, and is certainly more secure than Microsoft's OSes, but vulnerabilities are discovered all of the time. The biggest distinction is that since Linux is openly developed with the potential for anyone to contribute and for everyone to see, there aren't large, untested milestone releases without public eyes on them like commercial OSes. By the time that the experimental version becomes the release version it's already been vetted. Microsoft doesn't have the same quantity of testing because while there is a beta program, it's not designed to be thoroughly examined.

Re:No platform is 100 percent secure?

[Anonymous Coward]

More like Linux still doesn't have the market share to warrent spending significant time developing malware for it.

Re:No platform is 100 percent secure?

[0111 1110]

More like Linux still doesn't have the market share to warrent spending significant time developing malware for it.

Neither does Windows 8.

Re:No platform is 100 percent secure?

[Farmer Tim]

That's OK, it's 15% backwards compatible.

MS trying to implement *nix security model

[raymorris]

In the last couple versions of Windows, MS has been trying to implement something like the old (pre SELinux) *nix security model. This after having removed it. Why? Because they had removed the security, for good reason, and the *nix model is a good one. In the old days, there were network operating systems. Many users had terminals to one computer, which protected one user's work from other users mistakes or malice. It was designed for security and it was Unix. It was also huge and EXPENSIVE. One day a guy wanted an OS to fit on a 512k floppy disk and run with 128k RAM so people could afford computers at home. Single home computers, not corporate networks. To make Disk Operating System fit on a floppy, he removed stuff DOS didn't need, like security. (No network meant few threats.) A GUI was added. Backwards compatibilty was maintained with the "no security needed" DOS. Then the internet happened, and Bill crapped his pants. Since then, MS has been trying to design security back in, while maintaining backward compatibility. DOS programs still run on Vista, without running into problems with new security added since Disk Operating System. Linux has always been a network OS, never a disk OS, and has therefore never removed the security model.

Re:No platform is 100 percent secure?

[Gordo_1]

It doesn't take a rocket scientist to figure out which OS will have an order or magnitude more market share than the other in 6-12 months...

Re:

[crutchy]

likewise for the number of viruses infecting it :)

Re:No platform is 100 percent secure?

[Progman3K]

More like Linux still doesn't have the market share to warrent spending significant time developing malware for it.

Right...

Linux runs on more computers than Windows worldwide.

You know, all those servers, phones, appliances and clouds that make up the Internet? Those.

It may not be on most desktops but its on everything else and it far outnumbers Windows.

It's not more secure because it's more obscure, it's more secure because it's better.

Re:No platform is 100 percent secure?

[Pinhedd]

The overwhelming number of Linux servers worldwide are behind firewalls and will rarely ever attempt to reach out blindly to the internet. There aren't nearly as many attack vectors to exploit. It's far easier to find some bad PHP code to exploit, or an unpatched version of Apache than it is to attack it using traditional methods that might work on a user machine.

Re:No platform is 100 percent secure?

[shaitand]

"The overwhelming number of Linux servers worldwide are behind firewalls"

Sure. On the other hand there are no small number of firewalls running Linux.

Re:

[Barlo_Mung_42]

Jane, you ignorant slut!

Which versions of Linux? Are you saying on binary can attack all of them? No. You are not. Windows has decades of backwards compatibility to deal with. Don't try and compare phones with desktops. Callin bs on that bs out of the gate.

Re:No platform is 100 percent secure?

[thegarbz]

It's not more secure because it's more obscure, it's more secure because it's better.

Yes and no. What versions of Linux are those machines running? What versions of Apache, MySQL, PHP are they running? Very few Linux installs have common attack vectors.

- The vast majority of common attack vectors on Windows require user interaction. The vast majority of your Linux installs have no users.
- The next big group of common attack vectors on Windows require popular end user software (Acrobat, flash, IE, etc). The vast majority of Linux installs don't have those.

There are many documented cases of attacks on Apache, but again there are many different versions of Apache in common use, and MANY of your Linux installs lack Apache anyway.

Linux benefits greatly from obscurity since there's no extremely popular attack vectors that can be leveraged on an insanely large number of systems, and in those cases where such vectors exist they are often exploited.

Re:No platform is 100 percent secure?

[Waccoon]

And typically takes requests for files and serves them. That has to be done fast, but it's not really that hard. Web servers and routers aren't quite up to the same par as a general-purpose desktop machine designed for ordinary people who don't even know the difference between a virus and a trojan.

Realistically, most security is at the application level these days. You don't need root access to steal peoples' information. Just look at how much havoc you can cause by hitting a web browser with one clever block of JavaScript.

Re:

[kiddygrinder]

it does if you include servers and phones

Re:No platform is 100 percent secure?

[symbolset]

I don't know if you've heard, but Linux/Android PC's are moving 1.5 million units per day, with a half-billion unit installed base. At the current rate of growth Linux PCs will exceed Earth's human population in Q3 2014.

Re:No platform is 100 percent secure?

[benjymouse]

I don't know if you've heard, but Linux/Android PC's are moving 1.5 million units per day, with a half-billion unit installed base.

Exactly!

That totally debunks the market share argument since Android has not seen a malware explosion, even with it's huge market share.

Oh wait... [thenextweb.com]

That's why Google has stated that Android does not need any malware scanner like Windows Defender

Oh, wait... [engadget.com]

1996 called and said don't be stupid

[dbIII]

Sorry, that sounded silly back in 1996 and it's fucking stupid now. Your TV probably runs linux and connects to the internet these days, most likely via a linux wifi access point or router. The "market share" is enormous.

Re:

[Bert64]

Only on desktops, which aren't very attractive targets anyway.
On servers, supercomputers and embedded devices linux has plenty of marketshare and there are lots of people targeting it.

Re:No platform is 100 percent secure?

[Baloroth]

More devices run Linux than Windows. How big of a target do you need?

Ah yes. But which Linux? There is, what, 20+ major distributions and dozens or hundreds of minor ones? Even calling all of them a single OS is almost a stretch, given that some of them have almost nothing in common with each other. That's not one target, it's a few dozen. And it's hacked all the time, just rarely using automated malware tools (because, again, those aren't terribly effective against heavily fragmented targets).

Re:

[symbolset]

So you're saying that fragmentation is an Android advantage.

Re:

[crutchy]

only windows is fragmented... thats why they made defrag

Re:No platform is 100 percent secure?

[crutchy]

my desktop is full of bomb icons so that it is very risky for a virus to infect it without tripping over one of the bombs and stubbing its toe

Re:

[crutchy]

imagine a virus infecting tvs, set top boxes, pvrs, etc all running a linux kernel... it would be like synapse from the film "antitrust"

Re:No platform is 100 percent secure?

[Opportunist]

Actually, when it comes to out-of-the-box security as well as the possibilities offered to knowledgeable admins, Linux isn't really far away from Windows. Both have, from the point of view of a security expert, horrible out-of-the-box security and can be sealed tightly by the hands of good admins.

The main reason why there is less malware for Linux is simply that malware is a business: It's the same reason why there is also less other commercial software for Linux.

Re:No platform is 100 percent secure?

[Pinhedd]

The best antivirus is a smart user.

Most malware on Windows gets dumped into %APPDATA% because it can't go anywhere else without raising a red flag. This makes it fairly easy to nuke. The same works for Linux.

Re:

[UltraZelda64]

What red flag? You mean the "Do you really want to do this? Yes/No" message? You know, the one that everyone is going to look at and say, "well fucking duh, yes I want to do this, or I wouldn't have told you to do it anyway," just like in the old DOS/Win9x days of "Yes/No/Retry/Fail"? Why no, Windows, I actually want the process to fail, and I don't actually want to install that program...

Re:

[benjymouse]

What red flag?

Windows has Windows Resource Protection [wikipedia.org] (WRP). Unlike Linux/Unix, even if you run as an administrator (equivalent to root) you *do not* have permission to change operating system files. Only the TrustedInstaller account can change those files. Furthermore, the files are designated system integrity level raising another barrier. Even if a malicious process succeeds in fooling a user into elevating to high integrity level with administrator privileges, it cannot change those files. WRP also performs integrity

Re:

[Opportunist]

Ok, and now for the desktop where the average clueless user is a much easier target than the average corporation admin.

Re:

[Opportunist]

Linux is still used predominantly by clued users and/or administrators who (usually) know what they're doing. The amount of clueless computer users who also have the root password is fairly low. And the average user with a clue doesn't click everything sent to him, the average admin cannot because he can't check his mail on the server (at least if security did their job).

And hence the market for malware is rather tiny.

Re:No platform is 100 percent secure?

[cavreader]

"openly developed with the potential for anyone to contribute and for everyone to see"

I am continually amazed that people think just because they have the source code to an OS they can just scan the code and locate security holes. The low hanging fruit is long gone in today's popular OS's. OS security holes and weaknesses are found by combining and testing multiple executable decision trees with varying environmental factors and then analyzing the captured results which usually includes sorting through binary output, assembler output, and real time memory mapping looking for anomalies. Finding OS level security holes also requires an in-depth knowledge of the various CPU processor instruction sets, memory allocation models, and memory manipulation. To many developers equate OS development with Application development when in reality they are almost entirely different animals requiring radically differing skill sets.

Re:

[snadrus]

But all that reduces to a tiny set of ways to get code executed, roughly:
array out-of-bounds writes, pointer confusion, writing somewhere (ram, disk) that's executable

The solution is peer review. Its enemies: major releases & closed development.

I think I can because I have done so

[raymorris]

It's amazing that some people insist that we can't do something which we do all the time. Look at the CVEs man, we find and fix weaknesses all the time. If you did look at the CVEs, you'd find my name. That's pretty solid proof that you're mistaken - I can find vulnerabilities because I do find vulnerabilities. When it comes to Windows, I don't know Windows. I haven't used Windows in fifteen years. When people ask me to work on their computer, I turn away all Windows work except "I forgot my password

Re:

[Patch86]

That's a bit of a false distinction.

All bugs are found by *someone* doing *something* (obviously). That something is either running some software, or developing some software. The big difference between the world of Linux/FOSS and Windows/proprietary software is: is the dirty laundry aired in public, or in private?

In the world of Linux, if a developer (either application or kernel) discovers a bug, it ends up on publicly-accessible mailing lists etc. If a Windows developer finds a bug, the only people who w

Re:

[jhol13]

No, the "open source" myth is not true. See e.g. http://www.debian.org/security/2012/ [debian.org]

I'd bet that more holes are created than fixed, per day.

Re:

[guruevi]

Typical Microsoft propaganda here.

You're comparing vulnerabilities found by external forces with totally no insight into the inner workings of an OS to all the vulnerabilities that are found by both external forces and people with intimate knowledge and years of experience in good coding for said system. For a good comparison, you would need to open source Windows and compare the leaks found both internally and externally at Microsoft and I'm not even talking about the methodology of your picking of statist

Re:

[Nerdfest]

In most cases, it's *potential* Linux exploits found by those looking at the code, vs actual Windows exploits seen in the field I would guess.

Re:

[Nerdfest]

It seems that Microsoft has the same problem, and far fewer eyes on the code.

Re:

[wisnoskij]

Security through obscurity only works until someone tries to break it.

Re:In other news

[farble1670]

Run those same tests/malware against Linux/Mac. 0% gets through.

really? do you think that malware written to take advantage of exploits in the windows OS won't work on linux? thanks for that revelation. linux wins again.

Re:

[jd2112]

Run those same tests/malware against Linux/Mac. 0% gets through.

really? do you think that malware written to take advantage of exploits in the windows OS won't work on linux? thanks for that revelation. linux wins again.

You never know, Perhaps if WINE is running a Linux host could be at risk... (Not that I know of any viruses that could infect a Linux computer running WINE, except for one case where user intervention is required, but there is a first time for everything.)

Re:

[dbIII]

I had some guy that downloaded something that pretended to be a dodgy PDF encyption cracking tool but was really a virus, and he infected Win4lin with it. Hilarious, the thing tried to fuck with bits of the system that did not exist. It took seconds to fix since all I had to do was rename an older Win4lin image on that PC. I think that was in 2004. I've seen nothing like that since.

cross-platform exploits

[SpaceLifeForm]

I must nominate flash. Java next. Avoid those and you have a better chance. Add common sense and your odds are improved. Toss in firefox with noscript, and adblock, and you should be in good shape. At that point, it will not really matter if you get rooted, you should be able to re-install/recover your non-NONFREE OS quickly. Basically you really only need to worry about DPI and BIOS/UEFI based rootkits/backdoors. If you are still concerned, then pull the plug and get off the net.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Belial6]

The malware will work if you run Wine.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[Barny]

Have you tried opening a big file in notepad? It is not all that safe.

Re:In other news

[mrclisdue]

I copied bash to my Win8 boxen, ran

# rm -rf /

and now Win8 doesn't boot.

Thanks for the perfect solution.

cheers,

Re:

[shaitand]

Linux contributes bash and windows contributes malware. Good to know.

Re:

[shaitand]

But they don't affect all platforms equally. Privilege escalation is a very different ballgame on a linux box than on a winows box.

Re:

[shaitand]

"The world has moved to iMoble devices which are mostly locked down."

If you think mobile devices are safely locked down you live in a dream world.

Re:

[phantomfive]

Ironic, isn't it? Locking the system down in the name of security kept everything out except what people want kept out. What a waste of a garden wall.....it's not for security.

Re:New OS

[bloodhawk]

The story is about existing malware not new malware. Win 8 for the majority of software is 100% compatible with win 7, just win 8 includes defender to catch a lot of it out of the box. It is a good move, I just hope they keep going with it and get the out of the box detection rate even higher.

Re:

[shaitand]

I wouldn't call vulnerable to 26% of known an preventable malware a good score.

Re:

[Osgeld]

even better, since its now going to be on desktops, tablets and phones ... AND the justification of writing shit that is hardware bound is next to nill in our web 4.0 world, you only need to write one chunk of shit to fuck everyone up at once

Re:

[black3d]

15% of malware out there? You've read into the story exactly what the zealots wanted you to. Windows 8 can't get infected by "15% of malware". It can run 15% of malware which targets the Windows 7 platform, and almost all of it requires user intervention in order to activate.

A more apt comparison would be seeing what percentage of malware can infect a non-tweaked automatic install of Ubuntu 12 (as the native ISO comes), that was specifically written to target flaws in Ubuntu 11.