Recent blog posts

64-bits of protection?

Microsoft claims that the 64-bit version of Windows 7 is actually safer than ordinary Windows 7. They actually have a point. Sort of.

By sjvn  5 comments

November 18, 2009, 10:48 PM Joe Faulhaber of the Microsoft Malware Protection Center has made the interesting claim that 64-bit Windows 7 is actually safer than ordinary, 32-bit Windows. He's right. "64-bit Windows [does] has some of the lowest reported malware infection rates in the first half of 2009." But, that's not the whole story.

Why? As Faulhaber explains, "Computer viruses are very confused by 64-bit. Taking a look at 64-bit executable code detected by Microsoft anti-malware technologies in the past month, the vast majority is innocent 64-bit files infected by 32-bit viruses. While a 32-bit virus can only see other 32-bit processes, it unfortunately can see the file system, and can tamper with files it finds there."

That's the good news. The bad news is that this works only because malware makers haven't been targeting 64-bit Windows. 64-bit Windows XP and Vista both had stability problems and good old regular 32-bit software often had problems running on it. Because of this few people ran either one.

Indeed, 64-bit Windows includes, as Faulhaber points out, WOW64 (Windows On Windows) 64, which lets 64-bit Windows run 32-bit applications. Windows 7 Professional and Ultimate also include Windows XP Mode, which allows you to run a virtual 32-bit copy of Windows XP on Windows 7 for older applications.

64-bit Windows 7, however, is better than either of its older 64-bit siblings. As time goes on though more and more users are moving to 64-bit Windows and applications are being ported to 64-bit Windows for them. The virus makers will soon follow them.

Today, when most people running Windows are still using 32-bit versions, malware creators are continuing to focus on it. As 64-bit version of Windows gets more popular its 'immunity' will decline.

You see what Microsoft is talking about here isn't really security. It's 'security by obscurity.' Essentially, all this means is that few people have busted into 64-bits Windows because no one has bothered to break into it. There's no real security here.

People like to claim that this is also the case with Linux or Mac OS X. They're wrong. Those systems actually are more secure than Windows. Relying on 64-bit Windows for added security is like driving in a car with a good safety record but that haven't been on the roads for that long. You may be safer for the moment, but, eventually, chances are you will have an accident.

So, if you're going to keep using Windows, 32 or 64-bit, you'll still need to good anti-viral protection. 64-bit Windows, by itself, is no protection.

5 comments

    Anonymous 2 years ago
    "Relying on 64-bit Windows for added security is like driving in a car with a good safety record but that haven't been on the roads for that long. You may be safer for the moment, but, eventually, chances are you will have an accident."You wouldn't actually be safer at the moment if you're driving a car that's a deathtrap, you're only "safe" until you get in an accident. With 64-bit windows you ARE actually safer AT THE MOMENT. If you "get in an accident" (dl some malware) you won't get "injured" (infected) until such time as someone writes 64-bit malware. 64-bit windows is currently safe, while that unsafe car isn't.It's more like driving a car that has a proven record of the brakes going out completely but that has a 5-star crash rating. At some point, it's going to happen, and you're going to be screwed. But at the moment, you're perfectly fine.
    Flag comment  |  Permalink Reply
    Anonymous 2 years ago
    @ the author:These comments obviously show ignorance and did not read the article. You are absolutely correct!@ the commentersYes the Mac went down first at PWN2OWN but that was HACKING not malicious software. There is a difference (mind you, they tend to go hand in hand). It is harder to write viruses for Mac due to it's unix based structure, although the security has been severely weakened due to Apple trying to make them easier to use. Mac lost PWN2OWN due to safari (&safari's ease of use. read about it!).@mburton325Windows enjoys a majority of the "Desktop" market. ---Key word there ---- DESKTOP. If malware is about making money (which it mostly is), why would you not try to gain control of the most valuable things on the internet? Such as the NYSE.... Oh wait - They are running Red Hat Enterprise Linux! Why don't you write a virus for it? The source code is freely available.... by your logic you should be able to poke holes in it in no time.... what's stopping you? How many more financial transactions are done per day on the NYSE than your average person? Linux does have security problems that pop up, but NO ONE waits till a patch tuesday to fix it! A million eyes are better than 1. Linux controls the worlds most valuable and reliable things in the world. You use it every day but take it for granted. You sure as hell would be aware of the things in your life if they were running Windows. Please stop spouting ignorant nonsense as it lowers the IQ of you and everyone around you.
    Flag comment  |  Permalink Reply
    Anonymous 2 years ago
    mburton325, I couldn't agree with you more. If anything MAC and Linux enjoy the same benefit as Windows 7 64-bit. They just don't have the market share. If they did it would be a different story.
    Flag comment  |  Permalink Reply
    mburton325
    mburton325 2 years ago
    "People like to claim that this is also the case with Linux or Mac OS X. They're wrong. Those systems actually are more secure than Windows. " I don't know if you are ignorant or just stupid but please do some research before putting your foot in your mouth. Evidence shows that Mac OS X is NOT more secure then Windows ex. PWN2OWN Mac OS X fell First Windows didn't get hack till close to the end of the competition and this was the BETA version of Windows 7. Linux has security holes in the code, but since it is the least popular of the three "Main" Operating Systems it is not targeted as much there for researchers do not feel the need to look at the code. Windows which still enjoys a 65% plus Market share not including Pirated copies is the main focus of malware writers due to the popularity and/or vast numbers of Windows PC. In the end it comes down to this, neither Linux or Mac OS X are more secure then Windows the numbers are not there due to the low number of users using the two operating systems.
    Flag comment  |  Permalink Reply
    Anonymous 2 years ago in reply to mburton325
    Still to date. MAC and *NIX are MORE SECURE than Windows. SECURITY is about virus' and malware, NOT the ability to PHYSICALLY HACK / Infiltrate a machine. There is a difference.
    Flag comment  |  Permalink Reply

      Add a comment

      Post a comment using one of these accounts
      Or join now
      At least 6 characters

      Note: Comment will appear soon after you have activated your account.
      Obscene/spam comments will be removed and accounts suspended.
      The information you submit is subject to our Privacy Policy and Terms of Service.

      ITworld LIVE

      SecurityWhite Papers & Webcasts

      White Paper

      A Proactive Approach to Server Security

      Learn why security-conscious organizations are taking a more proactive approach to server security. Download this Spire Research whitepaper to understand how you can eliminate the threat caused by today's more advanced threats and protect your organization's most valuable data.

      White Paper

      Protection Against Modern Cybersecurity Threats

      Download this case study to learn how this accounting and consulting giant uses Bit9's adaptive application whitelisting to offer employees flexibility without jeopardizing enterprise safety.

      White Paper

      Stop Hackers Before They Attack

      Hacktivism, Identify Theft, Financial Gain, Cyber War - regardless of motivation, stopping today's hackers requires a new proactive approach to protecting endpoints. Learn how this New England hospital, breached multiple times by targeted attacks, put an end to the malware with Bit9 Parity. Their IT team can now identify malware and secure PCs and workstations -protecting patient care and privacy.

      White Paper

      From the Frontline - Preventing APT

      Is your company's network secure? Are your endpoints and servers secured? Before you answer, read this case study on a US Military Command that discovered no matter how much you educate users, hackers can get through traditional defenses. This targeted attack blew through all layers of their security, except one: Bit9 Parity's advanced threat protection.

      White Paper

      Protecting Point of Sale Systems from Targeted Attack

      If you are responsible for protecting retail systems, download this case study to learn how this retailer eliminated the threat of malware on their POS systems using Bit9's award winning solutions.

      See more White Papers | Webcasts

      Answers - Powered by ITworld

      ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

      Join Now

      New questions

      What is the best software for recovery of deleted files?
      0 answers
      What business apps do you find most useful for tablets?
      0 answers
      How well do those privacy screen protectors work?
      2 answers
      Eligibility criteria to work at Microsoft or Google as a software engineer
      1 answer
      Why not use a prepaid mobile carrier for business use?
      3 answers
      View more questions

      Ask a question

      Join Now or Sign In to ask a question.
      Ask a Question