Three-quarters of all rootkit infections are on Windows XP machines, and it's not because XP is so ubiquitous.

If you’re still dragging your feet on moving to Windows 7, consider this: a report from the Czech antivirus firm Avast notes that three in four PCs infected with rootkits are running Windows XP, and it’s not because so many people use the aging operating system.

Avast, one of the better antivirus vendors out there (testing report in PDF format here), has published the results of a six-month study of more than 630,000 rootkit samples and found that 74 percent of infections were on Windows XP machines, while 17 percent were on Vista machines and just 12 percent of infected machines ran Windows 7.

However, the installed base of the operating systems doesn’t line up with rates of infection. Avast found 49 percent of the users of its avast! antivirus program were running XP, 38 percent ran Windows 7 and 13 percent used Vista. So even though half of its customers are using XP, they account for three-quarters of all rootkit infections. The reason is fairly clear: rootkits are highly intelligent pieces of malware that can hide from the user, operating system and kernel, making them extremely hard to spot and remove. Windows Vista introduced a new, more secure kernel, and Windows 7 built upon that improved kernel. That said, there are still some rootkits targeting 64-bit Windows 7, including a new one called TDL-4 that was called “pretty much indestructible.”

In an interview with Computerworld, Ondrej Vlcek, CTO of Avast, offered up a second theory on why XP is so heavily infected. With Windows Service Pack 3, Microsoft implemented stricter anti-counterfeiting measures through the Windows Genuine Advantage program. Vlcek noted that a third of Avast users running XP are still on Service Pack 2, which didn’t have the WGA program, but support for XP SP2 ended a year ago. As in, no more patches and bug fixes.
So if a security hole emerges for SP2, it doesn’t get plugged.

He speculated users were hesitant to upgrade to Service Pack 3 because they were running an illicit copy of Windows XP and didn’t want to get nailed by WGA. So they are running an OS that’s both out of date and no longer getting any more security fixes.

If that is indeed the case, that there are people using a now-insecure pirated version of Windows XP and are getting a rootkit infection, I have no sympathy for you.