November 18, 2009, 10:48 PM — Joe Faulhaber of the Microsoft Malware Protection Center has made the interesting claim that 64-bit Windows 7 is actually safer than ordinary, 32-bit Windows. He's right. "64-bit Windows [does] has some of the lowest reported malware infection rates in the first half of 2009." But, that's not the whole story.
Why? As Faulhaber explains, "Computer viruses are very confused by 64-bit. Taking a look at 64-bit executable code detected by Microsoft anti-malware technologies in the past month, the vast majority is innocent 64-bit files infected by 32-bit viruses. While a 32-bit virus can only see other 32-bit processes, it unfortunately can see the file system, and can tamper with files it finds there."
That's the good news. The bad news is that this works only because malware makers haven't been targeting 64-bit Windows. 64-bit Windows XP and Vista both had stability problems and good old regular 32-bit software often had problems running on it. Because of this few people ran either one.
Indeed, 64-bit Windows includes, as Faulhaber points out, WOW64 (Windows On Windows) 64, which lets 64-bit Windows run 32-bit applications. Windows 7 Professional and Ultimate also include Windows XP Mode, which allows you to run a virtual 32-bit copy of Windows XP on Windows 7 for older applications.
64-bit Windows 7, however, is better than either of its older 64-bit siblings. As time goes on though more and more users are moving to 64-bit Windows and applications are being ported to 64-bit Windows for them. The virus makers will soon follow them.
Today, when most people running Windows are still using 32-bit versions, malware creators are continuing to focus on it. As 64-bit version of Windows gets more popular its 'immunity' will decline.
You see what Microsoft is talking about here isn't really security. It's 'security by obscurity.' Essentially, all this means is that few people have busted into 64-bits Windows because no one has bothered to break into it. There's no real security here.
People like to claim that this is also the case with Linux or Mac OS X. They're wrong. Those systems actually are more secure than Windows. Relying on 64-bit Windows for added security is like driving in a car with a good safety record but that haven't been on the roads for that long. You may be safer for the moment, but, eventually, chances are you will have an accident.
So, if you're going to keep using Windows, 32 or 64-bit, you'll still need to good anti-viral protection. 64-bit Windows, by itself, is no protection.
