Hackers will feed on Vista in 2008, says McAfee

Computerworld - [Eds. note: Due to an editing error, an earlier version of the second paragraph of this story didn't make the hacker attitude to Vista clear. The corrected version follows.]

Microsoft Corp. will face more than 40 vulnerabilities in Windows Vista next year, as the operating system climbs past the 10% market-share milestone and malware authors really start to find flaws, a McAfee Inc. analyst said today.

"Most of the current malware has ignored Vista," said Craig Schmugar, a threat researcher at McAfee's Avert Lab -- but that's not because the operating system has been frustratingly secure against attack. Rather, Schmugar argued, Vista's gotten off easy its first year because hackers didn't think it was a worthwhile target.

"These people make their living writing malware or attacking users," he said. "They're driven by financial motivation, and only when market share has an impact will they really work on Vista."

At some point in 2008, Vista will own a tenth of the desktop operating system market, Schmugar predicted. The milestone should mark the beginning of concerted efforts by attackers to root out vulnerabilities in the newer operating system. "Although the huge market share that XP has means [attackers] will still be profitable there for years to come, Vista at 10% will put it on their radar," he said.

According to data from Web metrics vendor Net Applications in Aliso Viejo, Calif., Vista's market share was about 7.9% at the end of October, up from 7.4% the month before.

"In the short term, Microsoft's case that Vista is more secure is supported by the data," conceded Schmugar, who referred to data Microsoft has cited from its Windows Malicious Software Removal Tool. In its most recent report on the tool (download PDF), Microsoft said the program cleaned malware from "60% less Windows Vista-based computers compared to computers running Windows XP SP2."

Schmugar's argument is that while that number is probably accurate, Vista's better performance isn't due only to its security prowess; it also stems from the fact that hackers haven't paid much attention to it.

"You look at the big malware, the most significant threats, and there's nothing specific to Vista in them," Schmugar said. "As Vista gains in adoption, it then impacts malware authors and forces them to focus attention on finding vulnerabilities, or to alter their social engineering techniques to accommodate it."

If that concept sounds familiar -- that market share plays a part in determining the vulnerability profile of an operating system -- it's because Mac OS X users have long relied on it. "There are definitely parallels between Mac OS X and Vista" when it comes to the likelihood of an attack, Schmugar said. "Operating systems aren't bulletproof. You can have an OS that's attacked less, certainly, but a larger part [of the equation] is market share."