Why Does Windows Have So Many Viruses? A Perspective On Microsoft’s Biggest Foe

Many people who use Windows probably wonder why viruses and Trojans plague this operating system so much compared to other operating systems. Few people actually understand how viruses work and what they do, and even fewer know how to make one. Today, I was asked by someone why Microsoft has viruses and other operating systems don’t. The answer to this question is a very complex one, but we’ll explore it in detail in this piece. Hopefully, by the end, you’ll have understood why Microsoft has to constantly step up security.

Viruses are pieces of software written to take command of a system and exploit its vulnerabilities. Some of them are destructive (i.e. those that erase your hard drive) and others have more strategic purposes (i.e. those that use system resources to attack another system). Most viruses replicate by sending themselves via email attachments, social media links, or other methods that can reach your friends and family. This is why it’s important to stay a step ahead of them through security solutions like antivirus software.

Windows has been, and still is, the most popular operating system in use today. It’s not clear how popular each version of the operating system is (thanks to piracy), but we know that the system overall is seen in most houses and campuses. There seems to be some correlation between viruses and popularity. Naturally, since Windows is so popular, it’s more likely to be a target for viruses, since the developers have a broad base to operate with. They’re not going to bother with an operating system that has 10 million users when they have more than a billion to work with if they target the most popular one.

windowsvirus-laptops

So, naturally, there’s a bad side to being popular. Case in point: The Mac has seen an uptick in sales lately and Apple comes out admitting that Macs can get viruses. Shortly before Apple’s statement, a virus for Mac did appear, called the Flashback virus.

But, to be fair, it’s not all about popularity.

Microsoft has had an almost hilariously bad history of releasing software with several vulnerabilities. The KB patches you always download from Windows Update are usually packed with security fixes that take care of vulnerabilities that Microsoft has not foreseen.  A very well-known example of a poor security practice was Windows XP’s autorun feature. It would run anything within “autorun.ini” file from removable media, allowing the executable that runs to replicate itself onto your hard drive and, subsequently, download itself into USB drives that you pop into it. This was also a vulnerability in Vista, to some extent.

That was Microsoft’s bad, and it really didn’t anticipate that anything could go wrong by blindly following the instructions of a text file. The amount of exploits in Windows has died down as soon as Windows 7 came out, but there were still a lot of security vulnerabilities within the system. People are speculating that Windows 8 may be the most secure version of Windows up until now.

Since many computers still run vulnerable versions of Windows, it’s very difficult to tell how long the security threats will last. The only thing you can do to protect yourself is to install a good antivirus software and be very careful the files that you open, either online or offline.

Don’t forget to add to this discussion by leaving a comment below!

Computer Virus Detection by BigStockPhoto

28 comments

    • Tell me what is biased about saying that Microsoft is catching up to Apple in terms of security. In fact, some people think it surpassed Apple with W8.

      • I’ve used both platforms practically since they were first released to the market. I’ve sold both platforms to the corporate and government sector since the mid-80’s before WIndows 95 came out (no one was really using previous versions of Windows), and Apple has just been more problem free when it comes to viruses. It’s just a simple fact. most of the recent malware for OS X has been targeted towards Flash and Java, which aren’t written by Apple and they affect ALL OS’s that run Flash and Java. Apple has been trying to get rid of Flash, because it’s got too many security problems and they want users to deal with HTML 5 instead, which is an OPEN Standard and doesn’t require those stupid plug-ins, which on mobile devices can lead to battery drain, and not a good experience having to always update a plug-in which is why Apple, and Microsoft, don’t support Flash on their mobile devices. Finally, Adobe admits that Flash sucks and they are killing it off, FINALLY. Oracle finally is getting their act together on fixing Java vulnerabilities, so HOPEFULLY malware attacking Java will be a thing of the past. Apple doesn’t pay journalist to be pro-Apple, nor do they get involved with giving away free product to get celebrity endorsements. They might hand out demo units for journalists to write reviews, but they are typically loaned out, not given out for free. Apple just realized the virus problems which is why they close down access to certain aspects of the OS and why they chose the kernels they use. It was planned to be more secure from the beginning. There are problems associated with making an OS too open and viruses and malware are a result. It has NOTHING to do with market share, it has to do with how easy it is to write malware in the first place. I read an article a while back that interviewed Charlie Miller who could compromise a Mac within 5 minutes, but he indicated that it took him months to set it up, he actually doesn’t attend those hacking contests anymore and he indicated that his system of choice is a Mac and he admitted that overall, it’s less susceptible to malware. If you look at the list of malware for Windows vs OS X, OS X malware is a VERY short list. It’s just VERY difficult to do and it gets harder as time goes on as Apple finds more ways to prevent them.

        • You’re the guy who sounds like an Apple fanboy.

          The article actually says Windows was plagued with vulnerabilities, which the author of the article didn’t even try to hide.

          What’s biased with that?

        • Linux is the secure way to go; Hack and Crack contests prove that. I have used Ubuntu Linux almost 6 years and No virus or malware attacks, I have done all the wrong things and still safe and secure! I am a teck in Operating System security.

  1. to biased? do you use windows at all? i have a small business that i run cleaning out all the crud that gets in! from windows 95 up to windows 8 and trust me…not one single version of windows is worth a hoot in reguards to security! the only reason i use windows at all is for the ease of use and no other reason! the only other OS i’ve worked on was linux and the only reason it was brought to me was it was a dual boot setup and windows 7 was corrupted so bad the poor guy could not get the computer to boot after 4 hours of cleaning i had to reinstall everything for the guy….i also advised him to just go with linux! windows is a good idea but microsoft needs to work on the OS’s it has out now instead of making more junk for us to suffer through…i mean they charge enough for the OS so they should be able to fix the security problems at least!

    • I’d say that Windows has gotten pretty decent with security recently. The only thing hurting it today is its popularity.

      • “Windows has gotten pretty decent with security recently”

        Goody gumdrops for them! Unfortunately, when it comes to security, “pretty decent” is not good enough. You would not want to live in a house with just “pretty decent” security.

  2. I agree, this article is very biased. If you look at the facts as presented. True, Windows is the most popular OS and the reason it is targeted. True, every OS has had issues with malware and viruses; even Apple. True, I have not installed any virus protection on Windows 7 or 8 other than Microsoft’s built-in Defender (from 2010 – 2013) and not caught a single virus or spy-ware. Analogy: Microsoft Windows represents a home in a high crime rate neighborhood. They have evolved to face the threat. Apple OSX represents a cottage near a farm with open meadows and flowing rivers. Criminals are not interested in this cottage on the outskirts of town, so Apple has not been truly tested for security issues. Therefore, the real issue is presented. Apple is not more secure, how can it be? OSX has only garnered the attention of very few hackers because of its low install base. Hackers what to get their code out on as many systems as possible and that makes Microsoft the target of ill-intent. Security Professionals has proven that Windows 7, Windows 8, and Windows Phone 8 are more secure than any current Apple OS. Microsoft security problems are clearly what we call a problem of the rich. As Apple’s OSX gains adoption to reach mainstream status, they too will lock-down and hack proof the cottage. Last point; media outlets tend to favor anything Apple and therefore downplay hack attacks. In the last two years major viruses against OSX have gained very little national attention despite the high infection rates.

    • I believe I mentioned Apple starting to have problems with security due to the fact it’s starting to get a bigger market share. I’m a major fan of W7 and W8, but I wanted to state the facts: Windows has a bad history. In the last two versions, it’s caught up. I also mentioned that. Seriously, what makes this article so biased? Is it the fact that I have not said that Microsoft Windows is better?

      • Market share has nothing to do with it Miguel. Seriously, the only thing that market share might be responsible for is getting a threat spread quickly. but the number of threats has nothing to do with market share it’s more of how many users are affected and how fast they spread. Trust me, malware is written by people for several reasons. One, they are purposely trying to compromise the OS to find the faults so they can fix the problem or two, malicious a$$holes purposely trying to spread malware. There are PLENTY of a$$holes that try to compromise any platform and they’ll try to do it on OS X just as easily as Windows. But the problem is that many types of malware one can write on Windows is just simply impossible to write on OS X. So, they have to go after Flash and Java which neither wrote, but most people run both. It’s just which platform is the easiest to compromise. There were some early hacking competitions where someone put an OS X server up and they offered money to the first person that could hack it, and no one could do it. I think one of them had to literally change the OS so someone could remote login and that’s what changed it. The NSA had a white paper a LONG time ago that I read that explained how to make OS X totally secure and they, at the time, didn’t run Windows. Internally, they were using Unix and OS X servers because Windows NT just wasn’t secure enough. I’m sure that might have changed since then, but back in the early 2000’s, Windows servers weren’t being used by the NSA. I also read an article that talked about the FBI having to send the OS X computers they used to cease to some company in Canada that was able to successfully get into a OS X computer because they didn’t know how to do it. The article was a funny read since it journalist used some silly headline that criminals should use OS X since it’s so hard to hack into their system to get information.

    • Market share has NOTHING to do with it. It has to do with how EASY it is to write malware. Plain and simple. Trust me, there are a lot of Anti-Apple MS users that for some reason have a stick up their rear end about Apple, and they’ll go anything to damage Apple’s reputation. Why? I have no idea, maybe because Apple seems to make Windows look pathetic when it comes to ease of use. Apple has been gaining market share over the past 6 years and more and more Windows users are abandoning Windows and going with OS X. I see a lot more engineering students buying Apple MacBookPros and running whatever OS they want to. Even the PC Mags are rating OS X better than Windows and maybe you feel threatened by Apple. I haven’t seen any Security Professional prove that Windows is more secure than Apple. And what took Microsoft so long? I stopped using Windows regularly around the time when XP came out. I had problems with Windows 2000, never had problems with Mac OS, and then OS X came out and since I started using it, no problems to speak of and Apple just focuses on adding features, making it more optimized and it’s getting better all of the time. Microsoft changes the GUI every major release and it’s just a pain in the ass to deal with the constant GUI changes and Windows 8, to me, is a joke. Touch screen UI for a desktop/laptop and having to switch back and forth between the UI, is just dumb. I use a 27inch screen for my desktop and there is NO F-ing way a touch screen would make any sense, especially when I can use either a gesture based track pad or mouse to do the same thing. In order to use a touch screen, I would literally have to get out of my chair and lean over to be able to physically touch each corner of the screen. So touch screen based OS is just DUMB. I mean, REALLY dumb. I’d rather have the mfg spend more money on a better quality screen or on other technology like Thunderbolt than to get touch screen capabilities. Your analogies are not very good. Apple just had security in mind before they chose the kernels they use and they don’t want to open up their OS to threats. this cottage and farm analogy you are using is ridiculous. mainstream? I am really trying to figure out why you think Apple isn’t mainstream? Their Laptops have been getting rave reviews by the PC Mag, and there are some that are actually saying that the best Windows laptop is a MacBook. With a Mac, you can run Linux or WIndows, if you want to, and some people will do that for various reasons. Apple has better customer support than Microsoft, Apple has a more reliable product and they aren’t cutting costs just to throw some cheap piece of crap on the market. There is a difference in the quality of consumer grade PCs than the models they sell into the corporate model. And why do you think the PC mfg have a tough time making any profit? It’s because they have support an OS they didn’t develop. There are pros and cons to each business model, but even Microsoft has admitted that they might have to take a more Apple approach and actually market and sell their own computers, hence Surface RT and Surface Pro, which both have proven to be flops, just like the Zune media player. In many ways Microsoft is in deep $hit as PC sales declining at a VERY fast rate. I think the hardcore Windows users feel personally threatened by Apple’s success. You shouldn’t feel that way. You should embrace what Apple does, because you may find yourself having to use their products to get a job, especially since their tablets are becoming the tablet of choice of a lot of Enterprise customers. Having an alternative to Windows is a good thing. It keeps Microsoft honest. Microsoft has had their little monopoly too long and its actually good that Apple came out with their products as it gives people a choice to NOT use Windows. I’ve used and sold both platforms to corporate and government sectors and I have abandoned using Windows and never looked back. Every time a friend comes to me with a WIndows computer and they have problems, I shake my head and go back to my Mac happy since the types of problems THEY have don’t exist on a Mac, or it doesn’t take that much time to fix the problem. The attacks Apple has had recently have been more to do with Flash, which is FINALLY getting dumped, and Java, which runs on Windows and that’s not Apple, that’s Oracle/Sun, which they are fixing.

      • You really have fun writing, don’t you? Well, I’m not going to write a novel, but I’m going to say this:

        The more market prominence anything… Any… thing…. has had, the more it becomes a target to hackers. It’s part of the challenge of running a business. The bigger your store gets, the more likely burglars are to see it as a “challenge full of riches.” As Apple steadily grows, so does the possibility of vulnerabilities being discovered. When the “you only need one button” crowd grows, it will eventually say “and you also need anti-virus.”

        This is the way of life. I’ve personally w.r.i.t.t.e.n exploitative code and malware as proof-of-concept in Apple’s OSX. You won’t believe how easy it is to do it. The thing is no one bothered until recently. Now, it’s just a challenge for Apple, and I certainly hope they succeed. They’re a pretty cool company.

        • I agree with Bob Smogango, market-share is just a smoke screen put out by M$ and its supporters. It is the number and type of vulnerabilities that are the determining factor. If OS/X were the greatly dominant O/S (Apple should only be so lucky!) and Windows were the poor relation, there still would be more malware written for Windows because it is so full of exploitable holes.

          *nix owns the server market and yet it is the seervers running Windows that are most often compromised. So much for the myth of “bigger market share making for a bigger target.”

          Just one example illustrates the problem. Ever since the first release of Windows, programs running in user space could compromise the operating system. The problem has existed since at least 1990. In the 20+ years, Microsoft has at least 5 major Windows releases. During all that time it has not seen fit to close that vulnerability or at least it has gone on about it rather half-heartedly.

    • There plenty of hackers that try to compromise OS X, but certain types of malware simply cannot be written for OS X. It has NOTHING to do with your little cottage analogy. If there is an OS with any number of people using it, they’ll try to compromise it. But even some of the most well known hackers like Charlie MIller have a difficult time doing it. With iOS, Apple’s solution is safeguarding their customers by checking apps before they get posted and they give the user a safe and trusted place to obtain apps. That’s one defense against it. So it discourages people from writing malicious code and gives users a safe place to do, but they aren’t forced into going to Apple’s App store, but they are encouraged if they want a trusted source for Apps. So that’s being proactive. The problems lately (a year or two ago) were more going after Java and Flash, but that’s not Apple and they affected both Windows and OS X users, but Apple is doing their part in making it less of a problem, but they can only do so much since they don’t write Java or Flash, that’s a Oracle/Sun and Adobe issue they have to address.

    • What’s funny is that you thing that criminals are not interested in Apple. Good. Then if you like Windows, maybe you want to get closer to criminals. Hmm. Something for you to think about. I would prefer to stay as far away from criminals., maybe that’s why I chose to abandon Windows and go OS X. Market share has NOTHING to do with the number of viruses. There are certain things that allowed certain types of malware to be written for PCs and that’s the number one reason, so don’t be delusional about it. Apple just makes it harder and harder to compromise their OS. It’s just the way the kernel was designed. Miguel explains that autorun.ini file in the article.

  3. “The only thing you can do to protect yourself is to install a good antivirus software and be very careful the files that you open, either online or offline.” What that really means is, you have a choice. open the file, and risk infection, or don’t open it, and not get to read/play/watch/listen to/install whatever it was you decided not to open.

    I beg to differ about “The only thing you can do to protect yourself…” If someone asked me what to do, I’d say “ditch Windows and use Linux.” But then again, I suppose there are Billions of people out there who like taking the risk of being infected, and are conned into thinking that there is such a thing as 100% effective anti-virus software.

  4. Miguel, quick thought… I honestly feel that the popularity of Windows presents itself to users that have no clue what the hell they’re doing. In fact, everyone that I come across having issues with their Windows PC / laptop have trouble locating their own files. In other words, they have the hardest problem with trying to use a basic function such as Windows explorer. I even have a friend who couldn’t grasp the fact in order to get his new iPod connected to the “internet” you need to have a WiFi router, hub, or device. Some people don’t even have a clue what and “.exe” file really is. Some go as far as to dismiss it as a virus. I have family who won’t download “.exe” off of a legitimate site because they think it’s evil. It’s quick sad though, I remember getting my first PC for my birthday one time and it came pre-installed with Vista. I didn’t realize how much people hated it, but I never had an issue with it because I knew what I was doing. Part of it is knowledge. If you don’t wish to learn the system to some extent, then get something else that’s “simpler” from Apple; (w/ tons of cons). That’s exactly why I don’t bother with Linux. It’s a programmer’s heaven because it’s tailored for digital development in so many ways. Ha, that’s another subject, but I couldn’t possibly get a work done with a command line interface. People who expect me to browse the web with a command line are no-lifes. lol

    • You should really try some of the latest Linux distributions. They’re quite impressive. What you have to say about Windows, though, is a sad truth. The reason so many people like Windows, I guess, is all due to popularity, ease of use, and hardware choice. You can run it on practically any x86/x64 computer. It’s the main advantage, and one reason why I stick to my guns.

      However, Linux has quite the same characteristics now, with the added advantage that it’s, well, free.

      • The problem with Linux is running mainstream software. If all you are doing is pretty much simple apps, then it doesn’t matter what you use, but if you in a certain line of work and need to run the same apps others use, Linux is not a preffered platform. It’s typically something that only a VERY small crowd of people will use, not meant for mainstream users.

        Free doesn’t mean better. Apple designs their S/W and H/W together and they will bring technology sooner, hence their adoption of Firewire back in the 90’s and now with Thunderbolt. I haven’t heard of any Linux OS supporting Thunderbolt. Even Thunderbolt adoption amongst PCs is spotty and not mainstream for them and there are a lot of Thunderbolt devices that only run on OS X.

        I wouldn’t recommend Linux to an average User for the desktop OS. just something I don’t feel comfortable doing.

        • Fusion of hardware and software is a big win, especially for the average consumer who doesn’t know how to filter through all the BS of third-party H/W manufacturers. Personally, I’d rather build my own rig, though. Nothing beats what I can add to my own computer.

        • “The problem with Linux is running mainstream software. ”
          You sound like somebody who has not any contact with Linux in at least 15 years. I will grant you that one area where Linux is lacking is games. However, other than some very specialized apps, Linux has all the mainstream software that Windows has. Windows does have some specialized software that Linux does not but, at the same time, Linux has software that Windows does not.

          “It’s typically something that only a VERY small crowd of people will use, not meant for mainstream users.”
          FUD. Entire cities and countries have switched from Windows to Linux as their preferred O/S. I worked for a major US county and half of our work was performed on Linux (P/R, Accounting, Departments of Health and Social Services).

          “I haven’t heard of any Linux OS supporting Thunderbolt.”
          Other than Apple, very few H/W manufacturers are supporting Thunderbolt so to criticise Linux for not supporting it is unfair and ludicrous. M$ does not support Thunderbolt.

    • I think it’s been a while since you’ve touched Linux, you don’t have to go into the command line at all with distributions such as Ubuntu, OpenSUSE, and Fedora. You also clearly haven’t browsed the web with a command line browser before lol. Seriously though, see where Linux has gone.

      • Yep. By the way, command-line browsers are awesome. I’ve used them once in a while to see how some pages render.

  5. One of my drinking pals was known as the Malware Maniac in computer virus creator circles. He once boasted during a heavy drinking session that he has more ruined the lives of more computer users that Windows 8 and Vista combined!! he assures me that it is very difficult to write malware for Macs than Windows machine. There you have it, straight out of the horses mouth.

  6. Nice article . I personally feel that Microsoft windows 8 , windows 7 , vista security needs o be improved. I had horrible experience with these OS in the past .

Comments are closed.

Sponsored Stories