October 29, 2013, 2:41 PM — Microsoft may eventually automatically turn on Windows Defender for PCs that are left-- deliberately or not--in an unprotected state, executives said Monday afternoon.
Microsoft security officials spoke on the eve of its latest Security Intelligence Report, scheduled to be released Tuesday. As it has been for the past few months, Microsoft's goal is to move as many of its customers off of the older Windows XP operating system onto something more modern and protected--Windows 8.1, if at all possible.
The idea is to minimize security risks to the PC community at large by essentially shutting down the unintentional security holes discovered within Windows XP. Microsoft will discontinue support for Windows XP in April 2014, allowing those holes to exist, unpatched, forever.
But if the goal is to minimize security risks, then it makes sense for Microsoft to close any holes left open by an unprotected operating system. In some cases, Microsoft executives said, consumers who try out a firewall or antimalware package aren't aware of when the trial period expires, so that the PC slips from a protected to an unprotected state. In the case of Check Point Software's Zone Alarm program, for example, the software simply stopped working after users upgraded to Windows 8.1.
Microsoft's first priority, however, is to maintain the relationship that a user has struck with the third-party anti-malware provider, said Holly Stewart, the senior program manager from the Microsoft Malware Protection Center. "We have to work collaboratvely across the industry," she said.
"As a customer goes into an unprotected state, we want those antivirus vendors to be installed as the first upgrade source," Stewart said. If the license has expired, the first thing Microsoft asks them to do is to go upgrade, she said.
Microsoft is also considering a plan to automatically turn on Windows Defender if the user remains in an unprotected state after being asked to upgrade. The goal is not to nag the user, Stewart said, but at the same time to notify them that they're not protected, and to move them back into a protected state with a minimum of fuss.
Microsoft also presented new data as additional justification for moving away from Windows XP. The data, compiled from more than a billion PCs, whose users have allowed Microsoft to use their data to improve Windows, was added to 400 million Outlook.com accounts and billions of Web page scanned by Bing.
The data showed that Windows XP makes up 22% of the worldwide user base; in some regions, such as Africa, the penetration can be as high as 32%, according to StatCounter. With an operating system more than a decade old, features that were advanced at the time of Windows XP's release, such as Data Execution Prevention technology, have been bypassed by malware writers.
Stewart said that the the number of pieces of malware that a Windows XP or Windows 7 or Windows 8 machine encounters is relatively constant, indicative of the habits of Internet users at large. But the number of computers that Microsoft reported as infected was far higher for those running Windows XP than for the other operating systems, Microsoft found.
The bottom line? Protect your PC--or Microsoft may do it for you.