Microsoft finds malware abundance during Windows security updates

New data from Microsoft reveals that about 1 in every 300 times its scans a PC while downloading security updates an infection by malware is identified, of which the most common type are Trojan horses.The data, taken from scans using Microsoft's malicious-software removal tool of 270 million computers over a 15 month period, turned up […]

New data from Microsoft reveals that about 1 in every 300 times its scans a PC while downloading security updates an infection by malware is identified, of which the most common type are Trojan horses.
The data, taken from scans using Microsoft's malicious-software removal tool of 270 million computers over a 15 month period, turned up 5.7 million computers that had been infected at some stage.

The malicious-software removal tool is a temporary program that is downloaded with security updates for Windows 2000, XP and Windows Server 2003 and then self deletes.

The majority of infections, according to Microsoft, which released the data at its TechEd 2006 conference, were potentially dangerous Trojan horse bot programs. Increasingly prevalent bot programs, are often used by attackers to gain remote control of computers and use them for criminal activities such as the circulation of spam and spyware.

After Trojans, the next most prevalent and a growing form of malware found by Microsoft was rootkits, software which acts as a cloaking device for malware such as a Trojan. Rootkits were found by Microsoft on 780,000 computers that it scanned during the 15 month period and one in every five computers which was found to have a rootkit also had at least one Trojan.

As some commentators have pointed out, the Microsoft data is revealing insofar as it only addresses the Windows 2000, XP and Windows Server 2003 platforms. Earlier platforms like Windows 98 and Windows ME are generally considered even less secure and Microsoft is in the early stages of ceasing security support for them.

Windows, Malware