64-bit Windows safer, claims Microsoft
But lower infection rates for 64-bit won't stand, counters researcher
Computerworld - Windows users running 64-bit versions of the operating system are less likely to get infected by attack code, Microsoft's security team said yesterday.
But that doesn't mean they won't, countered an outside security researcher.
"64-bit Windows has some of the lowest reported malware infection rates in the first half of 2009," said Joe Faulhaber of the Microsoft Malware Protection Center in a post to the group's blog yesterday. "64-bit malware is still exceedingly rare in the wild."
Faulhaber cited statistics gleaned from Microsoft's Malicious Software Removal Tool (MSRC), a free malware detection and deletion utility the company updates and pushes to users monthly. According to Microsoft's data, the 64-bit version of Windows XP was 48% less likely to be infected than the 32-bit edition during the first half of 2009; PCs running Vista 64-bit, meanwhile, were 35% less likely to be infected than Vista 32-bit.
Windows 7, which was not included in the data for the first half of this year because it had not been released in final form, also is available in both 32- and 64-bit editions. Faulhaber noted that Windows 7 64-bit is the dominant flavor of that new OS as he touted its security. "Most PCs shipping with Windows 7 come with the 64-bit versions of Windows," he observed.
Windows 64-bit is safer to run, he argued, in large part because malware, which is written for the much more widely used 32-bit versions of Windows, is "confused by 64-bit."
That's not necessarily true, said Alfred Huger, formerly with Symantec and currently vice president of engineering at security start-up Immunet. "There's a lot of 64-bit malware," said Huger. "They can run their code in compatibility mode, or they can compile it for 64-bit. The reason they're not is that there's still not a lot of 64-bit deployment. There's 64-bit malware out there, just like there's Mac OS malware out there. But right now, [64-bit] is just not as opportune a target as 32-bit."
It's relatively simple for criminals to customize their attacks against 64-bit systems, Huger maintained. "We almost never see just one [piece of malware] on a machine. It's almost always eight or ten or a dozen," he said. "Most malware gets on your system because you put it there, and one of the things most attacks do is download a bootstrapper that then downloads other malware. It's easy for attackers to have their bootstrapper check whether the OS is 64-bit, then grab 64-bit malware to download onto the PC."
In the end, said Huger, there just isn't a "compelling reason" for hackers to bother with 64-bit, but there's nothing inherently more secure about a 64-bit operating system. "Malware is just software," he observed. "It can execute on 64-bit just like other software."
Faulhaber argued that 64-bit Windows was safer by design than the less-powerful 32-bit version, ticking off such measures as PatchGuard, which makes it more difficult for malware to tamper with the operating system's kernel. PatchGuard is included in the 64-bit versions of XP, Vista and Windows 7. He also mentioned WOW64 (Windows On Windows 64), the lightweight emulation mode that lets 64-bit versions run 32-bit code. "The additional protections built into 64-bit Windows will make it harder for malware to make the 64-bit jump," Faulhaber said.
While Faulhaber trumpeted 64-bit XP's and Vista's -- and by extension, Windows 7's -- ability to sidestep more malware, the bi-annual Microsoft Security Intelligence Report he cited said that some of the lower infection rates might have nothing to do with the OS, and everything to do with the user.
"Infection rates for the 64-bit versions of Windows XP and Windows Vista are lower than for the corresponding 32-bit versions of those platforms, a difference that might be attributable to a higher level of technical expertise on the part of people who run 64-bit operating systems," the report concluded. "This difference may be expected to decrease as 64-bit computing continues to make inroads among mainstream users."
Nor did Faulhaber go so far as to claim that 64-bit Windows, even Windows 7, was stout enough to do without security software. "64-bit Windows needs 64-bit anti-malware software like Microsoft Security Essentials to protect the whole computer," he acknowledged, touting his company's free security suite, which shipped in late September.
Read more about Security in Computerworld's Security Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts