Avast: Windows XP makes up 74% of rootkit infections

Support for the nearly decade-old Windows XP is slowly winding down, with extended support ending on April 8, 2014. A good example of what will happen when support for the operating system ends is reflected in a recent report released by Czech antivirus vendor Avast Software.

In an interview published last Thursday by Computerworld, the developer of a popular freeware antivirus for Windows reveals that the vast majority of infections targeting Windows operating systems affect Windows XP users. The results are briefly summarized in the graph reproduced above, with 74% of rootkit infections on Windows XP compared to just 12% on Windows 7. The figures are in Windows 7's favour considering its increasing usage share at 31%, compared to Windows XP's slipping share at 58%.

Rootkits pose a problem for users due to their ability to mask their presence by hiding at the user, kernel, or even the hardware level of an operating system or computer. Removal of rootkits can be difficult, with some anti-malware suites requiring a on-boot scan or a separate "recovery disc" to remove an infection.

Avast's CTO, Ondrej Vlcek, suggests the disparity between Windows XP and 7 is based on two factors: anti-piracy concerns some Windows XP users have, and improved security measures on Windows 7.

A third of Avast users on XP are still on Service Pack 2, whose support ended a year ago. Vlcek speculates users are hesitant to upgrade to Service Pack 3 due to fears Microsoft will flag down illicit copies of Windows XP with anti-piracy measures, even though important security patches are still delivered to users flagged by Windows Genuine Advantage.

Vlcek also credits the additional security enhancements on the 64-bit version of Windows 7 for making rootkit infections a rare occurrence, but he does point out the presence of a few 64-bit rootkits that have made their way to the increasingly popular operating system.

Thanks Mepistopheles for the tip on the forums!

Image Credit: Computerworld

Report a problem with article
Previous Story

LulzSec spokesman "Topiary" charged by UK police

Next Story

Microsoft still hopeful about being successful with Bing

21 Comments

Commenting is disabled on this article.

Using 64-bit Windows, even 64-bit XP is safer against rookits because it has Kernel Patch Protection. Plus run as standard user, not admin. When Windows 7 becomes the most popular OS worldwide, it will take the larger share of infections.

xpclient said,
Using 64-bit Windows, even 64-bit XP is safer against rookits because it has Kernel Patch Protection. Plus run as standard user, not admin. When Windows 7 becomes the most popular OS worldwide, it will take the larger share of infections.

Yeah, and Windows 7 doesn't have a 64-bit version.

xpclient said,
Using 64-bit Windows, even 64-bit XP is safer against rookits because it has Kernel Patch Protection. Plus run as standard user, not admin. When Windows 7 becomes the most popular OS worldwide, it will take the larger share of infections.

Kernal Patch Protection only protects against kernel ring0 rootkits. Usermode ring3 rootkits that work on xp would most likely work on Vista and 7 x64 too.

xpclient said,
When Windows 7 becomes the most popular OS worldwide, it will take the larger share of infections.

I disagree, Windows 7 will NEVER see a 74% rootkit infection rate. If Windows 7 was vulnerable to malware as XP is, that rate would be larger than it is already. I don't expect to see Windows 7's infection rates to climb at all.

Also, who the heck uses x64 XP? I don't think that's still even around at all anymore.

If these results are just from Avast users, is this how many infections Avast is letting get into machines?
If so, time to switch.

wahoospa said,
If these results are just from Avast users, is this how many infections Avast is letting get into machines?
If so, time to switch.

Conversely, it could be the number of infections it ran across and removed.

wahoospa said,
If these results are just from Avast users, is this how many infections Avast is letting get into machines?
If so, time to switch.

I actually laughed at this, because (unless I'm mistaken and you actually have the figures), even if this is the infections it is letting in (in which case how would they know about them?), it's a graph showing percentages. That 12% for Win7 could actually be 12 infections.

wahoospa said,
If these results are just from Avast users, is this how many infections Avast is letting get into machines?
If so, time to switch.

It's the amount of infections Avast has detected. Not let through the machine. How would they even get those numbers anyhow? Why would they release a chart telling people how many threats slip through their software and infect computers? In the 5 years I've been using Avast I've never had a threat to slip through their software and infect my computer. I've even went out of my way to intentionally visit websites that I knew were at an extreme high risk and 100% of the time Avast always completely stops any threats before it even makes it to my machine.

Some people just use no common use of logic when it comes to things these days...

The fact that the survey has a XP market share that's some 15-20% higher than it really is kind of puts the whole thing in doubt.

HawkMan said,
The fact that the survey has a XP market share that's some 15-20% higher than it really is kind of puts the whole thing in doubt.

Except that Avast has a reputation for low-RAM footprint, which has been a critical reason for the retention of XP (and lowball numbers for both 7 and Vista) in the survey.

Both 7 and Vista have largely-undeserved reputations for being memory pigs; with a proper amount of RAM (realistically, 2 GB), not only are Vista or 7 just as speedy as (if not speedier than) XP, start loading the three Microsoft operating systems with applications and Vista or 7 will show why they are the multitasker's best friends.

HawkMan said,
The fact that the survey has a XP market share that's some 15-20% higher than it really is kind of puts the whole thing in doubt.

Those are probably figures amongst just Avast users. Statcounter currently gives 44% for XP and 36% for Win7.

PGHammer said,

Except that Avast has a reputation for low-RAM footprint, which has been a critical reason for the retention of XP (and lowball numbers for both 7 and Vista) in the survey.

Both 7 and Vista have largely-undeserved reputations for being memory pigs; with a proper amount of RAM (realistically, 2 GB), not only are Vista or 7 just as speedy as (if not speedier than) XP, start loading the three Microsoft operating systems with applications and Vista or 7 will show why they are the multitasker's best friends.

When did anyone ever say Windows 7 was a memory pig? Vista wasn't bad either, but just flat out sucked, period.

I have a couple machines with only 1GB memory and Windows 7 Ultimate that run just fine. Granted, not doing anything super memory intensive, but personally, Windows has been able to manage memory very efficiently ever since W2K even.

Obviously XP is going to have the most root kit infections considering it's still the most used OS there is.

Have to question Avast as wahoospa does below also?

cork1958 said,

When did anyone ever say Windows 7 was a memory pig? Vista wasn't bad either, but just flat out sucked, period.

I have a couple machines with only 1GB memory and Windows 7 Ultimate that run just fine. Granted, not doing anything super memory intensive, but personally, Windows has been able to manage memory very efficiently ever since W2K even.

Obviously XP is going to have the most root kit infections considering it's still the most used OS there is.

Have to question Avast as wahoospa does below also?

So you tell me - why does Vista still suck? In fact, why (in your opinion) did it suck in the first place, since you state that it wasn't memory footprint (the major reason given by the anti-Vista crowd on Neowin for resisting Vista)?

cork1958 said,

When did anyone ever say Windows 7 was a memory pig? Vista wasn't bad either, but just flat out sucked, period.

I have a couple machines with only 1GB memory and Windows 7 Ultimate that run just fine. Granted, not doing anything super memory intensive, but personally, Windows has been able to manage memory very efficiently ever since W2K even.

Obviously XP is going to have the most root kit infections considering it's still the most used OS there is.

Have to question Avast as wahoospa does below also?

Windows XP has less than twice the usage as Windows 7, yet it has over 6 times the amount of rootkit threats. I know you are just trying to point out the fact that one of the reasons Windows XP has a much higher rootkit threat is due to the excessive amount of traffic it gets, but the numbers throw this observation out the window.

Just face it. Windows XP is one of the most flawed and unsecured Windows platforms ever released. It's old, hardly anyone who keeps up with this generation of technology uses it, and there's no point in continuing to defend a dead horse.

littleneutrino said,
i am surprised Vista is that low (however, it might just be due to how few people are actually still using it.

Some people hate Vista which they had problems with it and made a switch to either XP or Windows 7. I have no problems with Vista on my laptop. I guess that I am one of the lucky ones. I have Windows 7 on my other laptop.

shozilla said,

Some people hate Vista which they had problems with it and made a switch to either XP or Windows 7. I have no problems with Vista on my laptop. I guess that I am one of the lucky ones. I have Windows 7 on my other laptop.


Vista was horrible when it was released.
If you are using Vista now, then it's a decent system, but its bad reputation is entirely based on it's rushed release (hello uber-low file copy)

littleneutrino said,
i am surprised Vista is that low (however, it might just be due to how few people are actually still using it.

Or it could be due to the fact Vista is far more secure of an OS than XP could ever be on its best day. 7 continued that trend.

Hopefully windows 8 should make rootkits much less of a threat if it'll have support for multiple architectures and different CPU types like arm, etc.

n_K said,
Hopefully windows 8 should make rootkits much less of a threat if it'll have support for multiple architectures and different CPU types like arm, etc.

All very good but the problem is with people NOT upgrading.