Kaspersky Lab: Microsoft software products pretty darn secure

If you use a software product from Microsoft, or indeed any software on your Windows PC, there's always the concern that some issue might surface which could be found and exploited by hackers. Now, a new report from computer security specialists Kaspersky Lab highlights how Microsoft has improved its software products.

The latest quarterly report of the company's IT Threat Evolution list includes the list of the top 10 most vulnerable PC programs. At the end of the report, it states:

Microsoft products no longer feature among the Top 10 products with vulnerabilities. This is because the automatic updates mechanism has now been well developed in recent versions of Windows OS.

The list itself includes Adobe products such as Flash, Adobe Reader and Shockwave in five of the top 10 listed vulnerable programs. Oracle's Java, Apple's QuickTime and iTunes and Nullsoft's Winamp are also on the list.

Microsoft has been using automatic updates for its software for some time. It usually makes one big monthly update, known in the industry as "Patch Tuesday", but the company has pushed out emergency updates quickly if they are alerted to a particular problem.

Via: TheNextWeb
Source: Kaspersky Lab | Image via Kaspersky Lab

Report a problem with article
Previous Story

A world without Windows

Next Story

Microsoft shows us more of Surface dancing schoolgirls

22 Comments

Commenting is disabled on this article.

Constant updates is not the same than a safe system. For example, some world-class safe system have an update once every year (if not less).

Hello,

In order to mitigate interruptions from Microsoft Windows Update, I always run it manually at the start of each computing session and, if needed, reboot when it is done. This solves any problems with unexpected interruptions for me.

Regards,

Aryeh Goretsky

At least Adobe has decent background automatic updating now and have been working to improve security in their software (with very visible results!). Oracle's UAC-noncompliant, toolbar-hocking piece of crap is incredibly frustrating and insulting to deal with. Even worse is how security updates frequently break software written against their runtime. Go and look at the JRE roadmap and note the glaring absence of an objective to improve general security, exploit response time, compatibility, or usability of their update software. It's pretty much a giant F.U. to every one of their end users.

SalmanPK said,
And everyone still HAS to use Flash

Sadly, yep...

Until W3C wakes up and idiots like Ian Hickson realize that HTML5 video applications are limited without content protection, we will continue to have Flash and Silverlight (Windows Media) for video.

Ian and others act like content protection in HTML5 video is a sin to the ideals of HTML5 standards, but yet doesn't 'get' the necessity. Without a form of content protection, not only will media distribution avoid HTML5 video, it is technically illegal to use in many countries for specific types of content distribution.

This is like the old DRM sucks days, when most people had NOT A CLUE what DRM was and when it was needed to make things successful.

Here is a short list of technologies we use today that would not exist or be as accessible without content protection or DRM:

Audiobooks - (Audible specifically) Publishers were hesitant even with DRM attached.

Music - Even as much as we hated the early DRM of iTunes and Windows Media Player stores, if it wasn't for the DRM, media publisher would NOT have signed on to allow sales of content. It also took for the payment and evolution of the distribution model before non-DRM MP3 content could be easily purchased.

Video Streaming - From renting movies to Hulu and Netflix, there has to be control on the content. If rentals were easy to copy and didn't expire, they wouldn't be 'rentals'. If people were able to stream and 'save' Hulu and Netflix content 'easily', everyone would have 30,000 movie libraries on their home computers, and no longer need Hulu or Netflix.

eBooks - Free eBooks have been around for a long time, but it was not until there was content proection that we have been able to buy and borrow 'new' books, rather than just free and out of copyright publications. Microsoft pushed for a DRM format with their Reader years ago, and it beaten up because of the DRM features offered. However, SOMEBODY finally realized that new sales needed digital content protection to replace the 'tangible' book that the industry used to control widespread copying.

Online purchasing of Video Games - This includes buying the games themselves to microtransactions and buying content in games that have 'stores' or a monthly subscription, like WoW, and even Farmville. Without content protection, none of these would be a successful business model.

Apps - Without DRM, the whole store model of the iPhone would never have worked, as people would have just emailed the downloaded games to all their friends. Android has had problems because of their LACK of DRM, which kept away a lot of software publishers. The whole concept of an App (originated on Cell phones before Apple BTW) was fully controlled by cell phone carriers/MFRs and it was the inherent S/N SIM verification controls of the Cell Phone that allowed Apps to exist.

And here we are in the year 2012 and after seeing markets grow and explode and be successful based on DRM/Content protection, we have goofs like Ian Hickson and people at the W3C that do not want to implement any form of HTML5 video/audio content protection.

Microsoft has a brilliant content protection technology, that is using pure HTML5 is codec agnostic, supports adaptive/smooth streaming technologies. Of course Google also has their version, which is not 100% HTML5 and forces the use of Google's video codecs, and that is part of the problem, as people involved see Google's proposal as proprietary and dangerous to hand over portions of the standard to them, specifically the codecs.

So ya, we still have to use Flash. Microsoft had hoped that by the time Windows 8 was going to released that it would not be needed for video and HTML5 with content protection would be a viable option. However, as they saw it wasn't going to happen, they retooled Windows 8 to add in Flash to IE with an additional broker and sandbox to keep malware from touching things as much as possible. (Microsoft even gave up their Silverlight support in IE10 because they thought HTML5 video was going to be a real option. Hence why Metro IE10 doesn't support Microsoft's very own Windows Media or Silverlight, except embedded in HTML5.)

If you signed up for HTML5 on Youtube, you will note that Google uses HTML5 except for anything that they need to display advertising, as this is content protection/control. It is these videos that they resort back to Flash and we lose all the grace that is HTML5.

HTML5 video/audio has so much promise, and is so flexible. For example: Windows 8 IE10 HTML5 video or music playing on the web page, hit Devices on Charms Bar and you can send it to your Xbox or DLNA device seamlessly.

While A/V is still important to have on Windows, definitely have found it overall to be more secure as time goes on.
The main issue that I find is people don't pay attention. Windows 8 should help with this as well. They blindly click next not even realizing the junk they are installing. They also blindly click links in emails without considering that it may not be a reputable source.
Doing things through the Modern Interface exclusively should help some of this.

This is because the automatic updates mechanism has now been well developed in recent versions of Windows OS.

- What do we say to the Windows Update?
- Not today!

Phouchg said,

- What do we say to the Windows Update?
- Not today!

And then when you decide that it's time to update you postpone the restart 4 hours. Every time!

Renvy said,

And then when you decide that it's time to update you postpone the restart 4 hours. Every time!

I think people would be more willing to restart if there was a minigame to play while it's installing and rebooting.

Renvy said,

And then when you decide that it's time to update you postpone the restart 4 hours. Every time!

The time limit is now 2 days in Windows 8.

Renvy said,

And then when you decide that it's time to update you postpone the restart 4 hours. Every time!

Urgh. This kills me at work. Twice a day I have to hit the "4 Hours" and "Postpone" buttons.

Majesticmerc said,

Urgh. This kills me at work. Twice a day I have to hit the "4 Hours" and "Postpone" buttons.

We're not allwoed to do any of that where I work. The IT department runs updates overnite then shutdown all the PCs. At home I have my PC set to automatically install updates after 11pm so a rarely see the updates in progress.

Enron said,

I think people would be more willing to restart if there was a minigame to play while it's installing and rebooting.


This would indeed be great or at least less make it less horrible.

Majesticmerc said,

Urgh. This kills me at work. Twice a day I have to hit the "4 Hours" and "Postpone" buttons.

1) Your IT people need to be replace, this isn't how even a small business should operate.

2) This is a reason to move to Windows 8, as it no longer bothers users giving them a couple of days to try to find a time to restart, that it can initiate on its own when the system is not in use.

thenetavenger said,
2) This is a reason to move to Windows 8, as it no longer bothers users giving them a couple of days to try to find a time to restart, that it can initiate on its own when the system is not in use.

Its great. I don't even know the last time my pc updated its self for the past couple of weeks. wait is it up to date? I better go check.

thenetavenger said,

1) Your IT people need to be replace, this isn't how even a small business should operate.

2) This is a reason to move to Windows 8, as it no longer bothers users giving them a couple of days to try to find a time to restart, that it can initiate on its own when the system is not in use.

Thats a pretty ****-poor excuse for migrating a multi-national company to Windows 8, especially since I could just set a registry setting to prevent the reminders.

Shadowzz said,

This would indeed be great or at least less make it less horrible.

unless your pc is total poo it takes less then 30 sec to reboot, is it really that much of a hassle. Unless of course your at work then the IT dept needs to do a better job

Colin McGregor said,

unless your pc is total poo it takes less then 30 sec to reboot, is it really that much of a hassle. Unless of course your at work then the IT dept needs to do a better job

Mine is total poo. It's a McBook Pro 2011 edition, takes over a minute before Windows is in a usable state. I know, it's my fault for buying one.

stevember said,
Never as secure as an OS that the minority use. [/sarcasm]

But 2012 is the Year of the Linux Desktop!!!

And next year, too, and last year.