Microsoft links malware rates to pirated Windows

Computerworld - Microsoft today said computers in countries with high rates of software piracy are more likely to be infected by malicious code because users are leery of applying security patches.

"There is a direct correlation between piracy and the malware infection rate," said Jeff Williams, the principal group program manager for the Microsoft Malware Protection Center. Williams was touting the newest edition of his company's biannual security intelligence report.

According to Williams, the link between PC infection rates -- the percentage of computers that have been cleaned by the updated monthly Malicious Software Removal Tool, or MSRT -- and piracy is due to the hesitancy of users in countries where counterfeit copies abound to use Windows Update, the service that pushes patches to PCs.

China's piracy rate is more than four times that of the U.S., according to Microsoft's report, published today, but the use of Windows Update in China is significantly below that in the U.S.

Brazil and France also have a higher piracy rate, and lower Windows Update usage, than the U.S., Microsoft maintained.

But the company's own data doesn't always support William's contention that piracy, and the hesitancy to use Windows Update, leads to more infected PCs. China, for example, boasted a malware infection rate -- as defined by the number of computers cleaned for each 1,000 executions of the MSRT -- of just 6.7, significantly lower than the global average of 8.7 or the U.S.'s rate of 8.2 per thousand.

France's infection rate of 7.9 in the first half of 2009 was also under the worldwide average.

Of the three countries Microsoft called out as examples of nations whose users are reluctant to run Windows Update because of high piracy rates, only Brazil fit William's argument: Brazil's infection rate was 25.4, nearly three times the global average.

Other countries with higher-than-average infection rates, however, also have high piracy rates, according to data published last May by the Business Software Alliance (BSA), an industry-backed anti-piracy organization, and research firm IDC. Microsoft is a member of the BSA.

By Microsoft's tally, Serbia and Montenegro had the highest infection rate in the world, with 97.2 PCs out of every 1,000, nearly 10%, plagued by malware. Turkey was No. 2, with 32.3, while Brazil, Spain and South Korea were third through fifth, with infection rates of 25.4, 21.6 and 21.3, respectively.

The BSA put Serbia's piracy rate, the percentage of the in-use software that's not licensed, at 74% in 2008, while Turkey, Brazil, Spain and Korea had estimated piracy rates of 64%, 58%, 42% and 43%, respectively. By comparison, the U.S.'s piracy rate was pegged at 20%, and the worldwide average at 41%.