14 DAY TRIAL // There is no silver bullet solution for security, and no foolproof client operating system. But the fact of the matter is that while neither Linux, nor Mac OS X and not even Windows Vista are panacea solutions for protecting users, they are all less attacked than Windows XP and older versions of the Microsoft platform. And the lack of an evolved threat environment goes hand in hand with the perception of security. The fact of the matter is that Microsoft has played a counting game with the security flaws of various rival operating systems since Vista was introduced, just to highlight it as the most secure Windows platform to date.
But the sheer volume of vulnerabilities is not the sole relevant aspect when delivering a measure for security. In the context of a virtually inexistent threat environment, the kind enjoyed by Mac OS X and Linux, vulnerability measuring games amount to nothing, as there is little to no malicious code to exploit them. This of course is intimately connected with the market share of each operating system.
Windows Vista is currently just over the 6% milestone, and in this respect, just as obscure as Mac OS X, while Linux is still struggling under 1%. In contrast, Windows XP enjoys over 80% of the operating system market. Now a target exploit could hit even blindfolded...
"It is worth noting that almost all of the malware I find in my day to day work will only run on Windows computers. All operating systems suffer from vulnerabilities and personally, I refuse to enter the 'my os is better than your os' argument. But using an operating system other than Windows will prevent the majority of malware from running," revealed a member of the Sophos Labs.
Case in point: "Virus Top Twenty for August 2007" compiled by Kaspersky Lab and "The top ten list of web-based malware threats in August 2007" put together by Sophos. The first features no less than 20 examples of malware with Email-Worm.Win32.NetSky.q reigning supreme at the top, and all for Windows. Sophos' top ten is also exclusively focused on the Windows operating system.
"Cybercriminals are successfully using email and the web in co-ordination to infect innocent internet surfers," said Carole Theriault, senior security consultant at Sophos. "Home users and businesses alike need to take more steps to protect themselves from online threats, or risk being hit time and time again. It should be clear for everyone to see that businesses, web hosts and ISPs are failing to properly defend their websites. Fraudsters are continuing to find rich pickings on the internet, duping users into handing over their personal information."