From the Security Fix blog in the Washington Post, Brian Krebs writes:
Microsoft today gave the world a rare -- albeit conservative -- glimpse of its view on just how bad the virus and bot problem has gotten for Windows users worldwide. The data comes from 15 months' worth of experience scanning computers with its "malicious-software removal tool," a free component that Microsoft offers Windows XP, Windows 2000 and Windows Server 2003 users when they download security updates from Microsoft.
The tool has been run approximately 2.7 billion times by at least 270 million unique computers, leading to the removal of 16 million instances of malicious software from 5.7 million unique Windows-based computers over the past 15 months, Microsoft said. Sixty-two percent of those computers had Trojan horse programs on them.
Microsoft found that most of those Trojan programs took the form of bot software, which allows attackers to remotely control the infected machines for use in all sorts of online criminal activities, from knocking Web sites offline to spreading viruses, spam, adware and spyware. Bots in the Rbot, Sdbot, and Gaobot families made up three of the top five slots in terms of number of removals. (There are hundreds of variants of each of those bot programs, and usually several new ones surface each week.)
Microsoft also acknowledged an increasing prevalence of "rootkits," software that hackers and viruses can use to hide their presence once they have broken into a computer system. The company found rootkits in 780,000 machines, or 14 percent of those it treated. Microsoft noted that this figure drops to 9 percent (530,000 PCs) if you don't count the rootkit distributed via some Sony music CDs. In 20 percent of the cases when a rootkit was found on a computer, at least one backdoor Trojan was found as well, Microsoft said.
The statistics also show how computer worms never really go away. For example, the "Blaster worm," which first surfaced in August 2003, is still the 10th-most-removed piece of malware, according to Microsoft. Indeed, Redmond found that in about 20 percent of cases where it removed malware in March 2006, the intruder was something the removal tool had previously nixed. The continued high rate of Blaster infections no doubt is due in large part to the number of people who re-install Windows for whatever reason and do not immediately apply security updates or take other precautions necessary for surfing the Internet with a Windows machine, such as using firewall and anti-virus software.
Read the full article here.
MTC Take: Here you go folks!!! Here's the cure to all your malware ails! Windows OneCare Live!!! For only $50 a year, Microsoft will ensure that your Windows machine will be defended from malware that exploits flaws, er, features in our OS.
Is it just me or is MS charging for OneCare Live just plain wrong, if not entirely illegal? Shouldn't the Justice Department step in and force MS to offer OneCare for free if MS does enter the multi-billion-dollar anti-malware business?
Repeat after me - "Conflict of Interest"...