Microsoft has come out guns blazing after claims based on independent security reports place Windows Vista on par, and even on an inferior position as compared to Windows 2000 in terms of security. Austin Wilson, Director, Windows Client Security Product Management, rejected the validity of statistics compiled by security vendor PC Tools Software in a study comparing Vista security to that of older Windows clients. Wilson denied that Microsoft's latest Windows operating system was in any manner more susceptible to malware infections as compared to its predecessors and especially Windows 2000. The Redmond company argued that its own data harvested via the Malicious Software Removal Tool (MSRT) painted a different picture of Vista's level of security.

"Our results published in the April 2008 version of the Security Intelligence Report show that Windows Vista is significantly less susceptible to malware than older operating systems. In fact, from June - December 2007, using proportionate numbers, the MSRT found and cleaned malware from 60.5% fewer Windows Vista-based computers than from computers running Windows XP with Service Pack 2 installed. How about Windows 2000? Using proportionate numbers, MSRT found and cleaned malware from 44% fewer Windows Vista-based computers than Windows 2000 SP4 computers and 77% fewer than from computers running Windows 2000 SP3", Wilson explained.

Microsoft's own data provided by MSRT comes from in excess of 450 million computers on which the tool was installed during the second half of 2007. Wilson added that while Vista managed to come on top of all previously released Windows platforms, the statistics for Windows 2000 also include the server versions of the operating system which are less impacted as compared to their client counterparts. But still, Microsoft continues to advise Windows users, even of Vista, to deploy security solutions in addition to the mitigation included into the product by default.

"Does this mean that anti-malware software isn't necessary? Absolutely not. No software is perfect", Wilson said, "mentioning just a few of the defense-in-depth improvements and features that are in Windows Vista that aren't included in Windows 2000: DEP, ASLR, firewall on by default, Windows Defender, IE hardening, User Account Control, Windows Security Center, parental controls etc…"