# Got A Virus? It's Your Fault Says Microsoft



## qubit (Oct 16, 2011)

Yes, that's right the maker of notoriously vulnerable software is now blaming you, the user, should you get a virus, trojan or other malware infection on your Windows computer. However, it does look like they have some justification for saying this. For those with long attention spans, Microsoft have just released their 168 page Microsoft Security Intelligence Report 6MB PDF, with the stated aim of providing: 





> An in-depth perspective on software vulnerabilities and exploits, malicious code threats, and potentially unwanted software in the first half of 2011


 The first thing to note about the report is that it is limited to its Malicious Software Removal Tool and Microsoft's other anti-malware products. Zero-day attacks that it can't detect are not included in the findings. So, surely it can't all be the user's fault then? It also means that the security angles from third party security vendors such as Kaspersky, Norton and McAfee aren't represented here.



 




By far the biggest attack vector with 44.8% is infection with the help of the user, where they're duped into running some dodgy attachment or clicking an equally dodgy link. What with the generally very low level of computer literacy of most ordinary users, this is hardly surprising. Taking second and third place are two autorun options, USB at 26% & network at 17.2%, with all the others at surprisingly low levels, especially the exploit when update is long available, standing at only 3.2%.

Next up are the well known operating system vulnerabilities. 32-bit XP SP3 is by far the most insecure of recent OS's, with 10.9 Computers Cleaned per Thousand (CCT) which is unsurprising, considering the many hundreds of patches required since its 2001 release. Vista SP1 32-bit is a bit better at 8.8 CCT (so much for the much-touted enhanced security at it's 2007 retail launch), with the 64-bit version somewhat better at 6.7 CCT. From there, OS security improves significantly with the best being Windows 7 SP1 64-bit, which is to be expected, at a low 1.1 CCT. Server infections are surprisingly high though, considering that they are based on the same code base as their client counterparts. For example, Server 2008 R2 has the same underlying code as Windows 7, yet it's CCT is 3.3 times higher, at 3.6. Why should this be, since the admins that run them can be assumed to know about patching and general good security practice?

Of infections due to third party software vulnerabilities, Java takes the cake with between one-third and one-half of all observed exploits. Again, old versions are the most vulnerable and as Java auto updates, there's really no excuse to be running such old versions.





Because core OS security has increased so much in recent years, cybercriminals haven't stood still. Since duping uninformed "clueless" users is the most effective form of attack, they have now moved on to social networks in a big way, as they are so popular. Considering the type of fraudulent ads which can sometimes be seen on the side of a Facebook page, where the picture and text suggest one thing, but actually lead you to something completely different and obviously fraudulent when looked at a little more closely, it looks like the social networks themselves could do more to protect their users by vetting their advertisers more stringently.

One significant enhancement to computer security, is Microsoft's proactive stance on eradicating botnets in the last few years. On several occasions now, stories have been published covering particular botnets that were taken down by Microsoft working together with law enforcement in various countries to track down the command and control servers and websites, putting them out of action and thus disrupting the botnet. The infected machines can then be cleaned up later. This writer has from personal experience, seen spam drop from up to around 50 items a day to maybe 6 or 7 per week which is a great improvement, so this strategy is clearly working.

The conclusion for such a big report is remarkably concise, so is quoted in full:





> Unfortunately, the process of eliminating malware from a computer is likely to become much harder in the next few years. Malware has become a lucrative business for the criminals who create and distribute it, and they have a financial incentive to find new ways to evade detection and make malicious files and processes harder to remove.
> 
> Therefore, understanding how malware spreads, operates, and defends itself at a fundamental level should be considered a prerequisite for IT professionals charged with protecting their users from attack and containing outbreaks when they occur. However, the best guidance is that which helps prevent malware infection from ever occurring. For more information about how to prevent malware infection, see the Microsoft Malware Protection Center at www.microsoft.com/security/portal.



Overall though, it doesn't seem like infections are down much, with social media phishing taking up the slack as clueless users blindly run malware and click on bad links. It would be desirable if the overall rate dropped, so that criminals would be put out of business and be forced to work for a living like everyone else or preferably, sit in jail.

One thing that surprisingly wasn't mentioned in the report is the need to run a hardware edge firewall on your network. Without it, it's only a matter of time until Windows gets hacked into, regardless of how well patched it is. Thankfully, every decent modern home router has one of these built in and is switched on by default, addressing this critical requirement. For corporate networks, using a hardware firewall is a standard security policy decision.

Another worthy line of attack against botnets is the ISP. In some cases, ISP's monitor their user's internet connections, looking for patterns of behaviour that indicates a compromised machine. If found, they notify the user, usually by email. They may also slow down the connection, filter it or turn off access completely, depending on the user agreeemnt and the severity of the attacks, until the customer has addressed the problem

Due to its 168 pages, the report is very detailed and covers a wide range of topics, so covering them all is beyond the scope of this story. However, some of the more interesting areas covered in the report are: the rising attacks on Android smartphones, Flash Player exploits, spam, phishing and malware sites, rogue security software, Process Explorer and strategies for eradication of malware from infected machines.

Finally, the big takeaway from this report, is the usual advice of running the latest versions of all your software, including the OS (64-bit where possible) patch it as patches are released, use internet security software, use a hardware firewall and of course not forgetting user savvy to avoid getting duped by social engineering tricks into doing something stupid. Reckless user behaviour is by far the biggest part of this problem, just like car accidents.

*View at TechPowerUp Main Site*


----------



## John Doe (Oct 16, 2011)

They are right. Most the time people blindly open random e-mails, visit badly compiled sites etc. That is how most viruses are taken. No matter which OS you have, there is always a chance of taking a virus if you don't know what you're doing. As long as you secure your PC real-time, and do not fall for anything, you pretty much will never get hacked.


----------



## theJesus (Oct 16, 2011)

qubit said:


> Due to its 168 pages, the report is very detailed and covers a wide range of topics, so covering them all is *beyong* the scope of this story.


----------



## Dave63 (Oct 16, 2011)

John Doe said:


> They are right. Most the time people blindly open random e-mails, visit badly compiled sites etc. That is how most viruses are taken. No matter which OS you have, there is always a chance of taking a virus if you don't know what you're doing. As long as you secure your PC real-time, and do not fall for anything, you pretty much will never get hacked.



I agree and stay away from them side ads and 3rd party apps like java and flash.


----------



## Wile E (Oct 16, 2011)

I agree with MS. The majority of infections are user error. I don't run AV on my machine full time, only install and run one every once in a while. When I do decide to run one, I'm always clean.


----------



## HTC (Oct 16, 2011)

Question: was it the user's fault when simply connecting to the Internet gave you a 50% chance of getting infected by the Blaster worm within 12 minutes on Internet connection back in 2003?


----------



## Mussels (Oct 16, 2011)

quite an interesting article, but i doubt i can be stuffed reading the source PDF


----------



## Wile E (Oct 16, 2011)

HTC said:


> Question: was it the user's fault when simply connecting to the Internet gave you a 50% chance of getting infected by the Blaster worm within 12 minutes on Internet connection back in 2003?



2003 is irrelevant to the scope of this article. Back then it was an insecure OS. This is about current rates, in which we have much more secure OSes.


----------



## Kreij (Oct 16, 2011)

theJesus said:


>



If you find a grammar or spelling error in a news article, please PM the writer instead of posting in the thread.

On Topic : Microsoft's report is right. the majority of infections are caused by people clicking on things they do not examine, oblivious to the consequenses.
The social networks (ie. Facebook) are going to be a HUGE problem as 99% of the people who happily share all their personal data and click on everything have no clue what they are doing.


----------



## John Doe (Oct 16, 2011)

HTC said:


> Question: was it the user's fault when simply connecting to the Internet gave you a 50% chance of getting infected by the Blaster worm within 12 minutes on Internet connection back in 2003?



I had KAV Internet Security and never got it back then. The only stuff I got was from DL'ing porn over KaZaa back in Millenium, Bullguard lol.


----------



## n-ster (Oct 16, 2011)

The only virus I ever had was 100% my fault and I knew I had a 80% chance that I was going to get infected for downloading and installing the program. I did it anyways in the off-chance it was real, because my A/V scan turned up negative xD Stupid.

I don't have an A/V, but I do scan suspicious files if I decide to want to try them. I now practically never download suspicious files, actually none since a year (when I got the virus).

BTW, I download a shit-ton of stuff and go on dodgy sites, click on ads by accident all the time, have bouncing boobs a few times as well, but in my 12 freaking years of massive PC using, I only had 1 virus and it was 100% my fault. Also note that I've been regularly using my computer massively since I was 7 years old, and even at that age I didn't do something stupid, and I was stupid enough to delete Windows files because I wanted to save HDD space LOL so *USE YOUR FREAKIN' COMMON SENSE *

Also, Apple's OS X is much less secure than Windows. If hackers would target OS X as much as Windows, it would be hell for Mac users


----------



## NC37 (Oct 16, 2011)

Funny.. I got a trojan on mine a month back, only after I installed MSE. Reason being, MSE turned off Defender which was by default stopping it, then MSE by default opened up the hole for it to get on.

So yes, it was my fault for trying out M$ branded AV software.

Epic M$, real epic.


----------



## n-ster (Oct 16, 2011)

Lol I have the default Firewall disabled also. I run without ANY A/V except anything that I cannot turn off. I might be lucky though


----------



## qubit (Oct 16, 2011)

n-ster said:


> Lol I have the default Firewall disabled also. I run without ANY A/V except anything that I cannot turn off. I might be lucky though



It looks like you practice Safe Sex Surfing, which can get you surprisingly far. 

Are you sitting behind a hardware firewall in your router? That's the important one. This and keeping your Windows and apps patched are the two biggies to staying safe, besides user behaviour.


----------



## v12dock (Oct 16, 2011)

omg yes! I thank you Microsoft of speaking up


----------



## John Doe (Oct 16, 2011)

qubit said:


> Are you sitting behind a hardware firewall in your router? That's the important one.



Actually, it isn't as important as people think. I run a single port modem, no routing. But I have my ports closed so it's a non-issue. AV however is more important IMO. It's easier to get a virus from Google images...


----------



## erocker (Oct 16, 2011)

n-ster said:


> Lol I have the default Firewall disabled also. I run without ANY A/V except anything that I cannot turn off. I might be lucky though



Same here. I run in DMZ mode on my modem, no A/V and I also have Windows Defender turned off. The only protection I have is Windows Firewall and that really isn't much. I haven't had anything bad happen, but if it did I have a backup. Just wipe the drive and clone.


----------



## qubit (Oct 16, 2011)

John Doe said:


> Actually, it isn't as important as people think. I run a single port modem, no routing. But I have my ports closed so it's a non-issue. AV however is more important IMO. *It's easier to get a virus from Google images...*



Yeah, I've seen that too. Kaspersky flags up a big warning when it leads to an infected page and blocks it from downloading.

Still though, with a hardware firewall, you can actually sit online with no patches at all on the OS and not get nailed. With the big caveat of course, that you basically don't do anything online with it.  The only place one should go with a newly installed, unpatched OS is Microsoft Update and patch it completely, before doing anything else.

In the end though, there's no silver bullet with computer security. It's a strategy involving many different components, all working together.



erocker said:


> Same here. I run in DMZ mode on my modem, no A/V and I also have Windows Defender turned off. The only protection I have is Windows Firewall and that really isn't much. I haven't had anything bad happen, but if it did I have a backup. Just wipe the drive and clone.



I'll bet you do that to get low ping rates in online games?


----------



## IlluminAce (Oct 16, 2011)

ID-ten-T errors have always been the biggest cause of security breaches, in whatever field - technical or otherwise. Back "in the day", the likes of Kevin Mitnick (now global icon) utilised this to their advantage in what's come to be known as social engineering. This involved such old favourites such as phoning up a support operative, claiming to be one of the company's managers who had forgotten the password for a critical piece of infrastructure... you get the idea.  

It used to be perpetrated against large corporates the most; now the focus seems to have shifted to individuals. Instead of getting poorly paid workers to hand over access to corporate mainframes or communications infrastructure, the common thread seems to be persuading individuals to click on the wrong thing on their screen, thereby adding their machine to a botnet, or providing an attacker remote access, or joining a spamming/DDOS task, or passing back keypresses, or whatever it may happen to be. The fact is: it's easier to get non-technical people to click something accidentally, then it is to wade through thousands of lines of source code, or try to understand countless lines of assembly, or test every possible input field for non-validation, etcetera.

If only we could do away with that living organism between the chair and the keyboard, the Internet would be a much safer place...


----------



## FordGT90Concept (Oct 16, 2011)

qubit said:


> 32-bit XP SP3 is by far the most insecure of recent OS's, with 10.9 Computers Cleaned per Thousand (CCT) which is unsurprising, considering the many hundreds of patches required since its 2001 release.


That's still remarkably low.  Only 1.09% of computers scanned by Malware Removal Tool are infected.  Malware Removal Tool is a security update by all versions of Windows since XP so virtually everyone has it (unless you're a pirate ).

I agree with the findings though.  User error is the most common cause and vulnerabilities in HTML/JavaScript/browsers is second, in my experience.




qubit said:


> Why should this be, since the admins that run them can be assumed to know about patching and general good security practice?


Either stupid admins browsing the web/email on the server or they're more vulnerable because they tend to have more ports exposed for...serving.  Ehm, Windows itself might not be the vulnerability; it could be the software sitting on those exposed ports (JVM, anyone?).


----------



## twilyth (Oct 16, 2011)

There's no substitute for browser plugins that block active content by default.  It can be a pain in the ass if you're online shopping and going to a lot of new sites where you have to enable javascript or flash, but otherwise requires little effort and prevents the most common types of online exploits since they virtually always rely on one or the other.

Personally, I love Avira.  My only qualm is the fact that it doesn't give you the max protection it's capable of out of the box and to get that you have to go in and change at least a half dozen settings.


----------



## exodusprime1337 (Oct 16, 2011)

I am in complete support of this, people need to learn to use the internet.  It's not that hard, i spend a good part of my job cleaning up the mess left by virus's on client pc's.  It sux, and it's always the same bullshit "how did this happen to me?"  "i didn't do anything wrong"  Google this shit people, learn to browse safely lol.


----------



## exodusprime1337 (Oct 16, 2011)

NC37 said:


> Funny.. I got a trojan on mine a month back, only after I installed MSE. Reason being, MSE turned off Defender which was by default stopping it, then MSE by default opened up the hole for it to get on.
> 
> So yes, it was my fault for trying out M$ branded AV software.
> 
> Epic M$, real epic.



Not necessarily true.  Defender is re-enabled on windows vista-7 machines after the install.  Next things is that the definitions mse uses are all inclusive of what defender has so it will catch whatever defender would catch and more
Third thing, is that it's still your fault you ever got the trojan in the first place


This article simply states that if people knew how to browse safely and didn't fall prey to stupid and obvious schemes virus scans and virus removal wouldn't be so hard or widespread as it is

Sure mse didn't catch your trojan, but that doesn't change the fact that it was your fault it ever got there int he first place.


----------



## Mussels (Oct 16, 2011)

oh look, a pirated copy of that software i didnt want to pay for!

*double clicks crack, blames ensuing virus on crap antivirus product/OS*


----------



## qubit (Oct 16, 2011)

Mussels said:


> oh look, a pirated copy of that software i didnt want to pay for!
> 
> *double clicks crack, blames ensuing virus on crap antivirus product/OS*



Yes, that's a point. Microsoft plays up the infected software angle from illegal downloads for all it's worth, but it's true. They are from an unknown and untrusted source, so it's no surprise that they come with little "extras".

The only time you can be sure is if you know the official Microsoft SHA1 for the ISO file you're downloading and then use something like md5summer to compare it. That pure file will of course come without the trojan crack you need to run the software...

Moral of the story: just go legit.


----------



## Batou1986 (Oct 16, 2011)

Chances are if your reading this you already know it to be true.
Thankfully ppl are stupid so i will still have plenty of computers to fix.


----------



## Mussels (Oct 16, 2011)

Batou1986 said:


> Chances are if your reading this you already know it to be true.
> Thankfully ppl are stupid so i will still have plenty of computers to fix.



*ahem*


DAMNIT QUBIT YOU'RE COSTING ME POTENTIAL CUSTOMERS


----------



## qubit (Oct 16, 2011)

Batou1986 said:


> Chances are if your reading this you already know it to be true.
> *Thankfully ppl are stupid so i will still have plenty of computers to fix.*



Yes, I do work on the side, too and it also helps me. There is indeed an upside to this.


----------



## theJesus (Oct 16, 2011)

Isn't there some conspiracy theory about the big A/V companies releasing some real nasty viruses back in the day to scare people into purchasing A/V software?


----------



## Batou1986 (Oct 16, 2011)

theJesus said:


> Isn't there some conspiracy theory about the big A/V companies releasing some real nasty viruses back in the day to scare people into purchasing A/V software?



Not that i can remember, but i do believe Norton is in cohorts with HDD manufactures to move product by engineering the best software on the planet to wear out harddrives and make your pc run slow as a 486 machine.


----------



## twilyth (Oct 16, 2011)

Mussels said:


> oh look, a pirated copy of that software i didnt want to pay for!
> 
> *double clicks crack, blames ensuing virus on crap antivirus product/OS*



All questionable software needs to be "aged", just like a fresh steaming pile.  Once it's been sitting out in the sun and rain for several weeks, it's not nearly as offensive.


----------



## hat (Oct 16, 2011)

I have to agree with them somewhat... I can browse porn sites, 4chan and whatever else and still not get viruses. It seems like it's mostly about not opening random emails, ads, strange links, or filling out forms to get that free laptop you just won.


----------



## HTC (Oct 16, 2011)

Wile E said:


> *2003 is irrelevant to the scope of this article. Back then it was an insecure OS.* This is about current rates, in which we have much more secure OSes.



Not so: just because back then it wasn't as secure as it is today is irrelevant. It's the OS maker's job to make it so that worms such as Blaster aren't possible to begin with.

It's one thing to get infected when you click on something you shouldn't but it's quite another to get infected by simply connecting to the Internet (not opening pages or anything): is this the user's fault? Only if you count installing the OS and connecting to the Internet: then, it's the user's fault.

Just because today's OSes are more secure doesn't mean they don't get affected, and this article proves that.


----------



## qubit (Oct 16, 2011)

theJesus said:


> Isn't there some conspiracy theory about the big A/V companies releasing some real nasty viruses back in the day to scare people into purchasing A/V software?



I've never seen any proof of this, so it's likely to be an urban myth, if a plausible one. My take? I think there's enough real viruses to go round to keep every a/v vendor busy forever. However, I do believe that a/v companies are not above releasing malware, which they then "detect" and "eradicate" before the competition can do it to boost their perceived value in the marketplace and thus sell more software. I have zero proof that this happens though, it just seems a reasonably plausible possibility.


----------



## ObSo-1337 (Oct 16, 2011)

No matter how much hate Microsoft get for this, they are bloody right. The only viruses i got were my fault and i knew that the thing i was downloading could potentially be infected (I was desperate!)


----------



## Derek12 (Oct 16, 2011)

The common sense and knowledge are in many cases the best antivirus.


----------



## razaron (Oct 16, 2011)

Ever since I switched to Vista back in 2008 I haven't gotten a single virus. That's _without_ any anti-virus software installed. Then when I changed to W7 about a year ago, I went half a year without any AV software installed. Still no viruses. I then installed MSE because it's free and still no viruses. 
Windows XP on the other hand sucked donkey... ahem, what I mean to say is that XP forced me to do a fresh install every other month.

Do note that I don't browse the internet in a "safe" way. I go to all the sites that you're not supposed to go to if you don't want viruses.


----------



## buggalugs (Oct 16, 2011)

I remember Microsoft saying the same thing years ago, its true though....


----------



## Frick (Oct 16, 2011)

qubit said:


> Yes, that's right the maker of notoriously vulnerable software



This does not help people getting over that image. It's just not true anymore (when looking at OSes at least)


----------



## FreedomEclipse (Oct 16, 2011)

In my years of being connected to the interwebs. I myself have never had a serious issue with viruses or malware that left me with no choice but to wipe the system.

I had only had one mild case of malware infection a few months ago and everytime malwarebytes removed it, it would come back. Fortunately I was recommended a much more agressive anti-malware program called ComboFix which got rid of it.

I probably scan with Malwarebytes once a month or when i suspect dodgy software.

Virus scans im more touche about - I have terribytes of data so scanning for the first time can take potentially upto 2 days.


But yes - less stupid people = less bread and butter for me


----------



## Derek12 (Oct 16, 2011)

I've got virus only in my first months of computing and Internet, with Windows 98 and Mcafee installed, but now I haven't got any in the last 6 years and I don't have any resident antivirus but I scan it monthly with on-line scanners and Kaspersky virus removal tool.


----------



## qwerty_lesh (Oct 16, 2011)

FreedomEclipse said:


> II had only had one mild case of malware infection a few months ago and everytime malwarebytes removed it, it would come back. Fortunately I was recommended a much more agressive anti-malware program called ComboFix



www.bleepingcomputer.com/download/anti-virus/combofix

dont use the .org the author is bleepingcomputer dont trust this utility from anywhere else. 

some of the unoriginal copies when used against certain rootkits can wipe your drives contence.

only BleepingComputer.com and infospyware.com are authorised to distribute combofix by Subs, never get it from anywhere else.


----------



## 1c3d0g (Oct 16, 2011)

HTC said:


> Question: was it the user's fault when simply connecting to the Internet gave you a 50% chance of getting infected by the Blaster worm within 12 minutes on Internet connection back in 2003?



If you left your damn machine unpatched, then hell yes, it's your own f*cking fault!


----------



## Lionheart (Oct 16, 2011)

Fuck you gaysoft


----------



## FreedomEclipse (Oct 16, 2011)

Lionheart said:


> Fuck you gaysoft



Grow up


----------



## Katanai (Oct 16, 2011)

Viruses are overrated imo. I don't know what's all the fuss about. Windows 7 x64 is the most secure OS I've ever worked with, except the internal XP SP3 by HP. That was XP done right, sadly not by Microsoft...


----------



## Neuromancer (Oct 16, 2011)

I had no problems with Vista either (once I fixed networking shares issues) which I had to do again in 7 anyway...

I had 2 infections over the last 15 years of online presence. Both were my fault.


----------



## MilkyWay (Oct 16, 2011)

To be fair lots of the time its the users fault, id rather people just learned good computer practises.


----------



## KainXS (Oct 16, 2011)

1 billion percent right, everytime someone used to bring us a computer complaining about viruses, they were downloadin pirate software or downloadin porno, those are the 2 biggest virus getters.

even if you do have antivirus, if your downloading dozens of pirated softwares, sooner or later a virus will get by and you will be screwed.


----------



## MikeMurphy (Oct 16, 2011)

Vista and Win7 with MS Security Essentials has been absolutely rock solid for me.

The BIGGER problem these days is junkware.


----------



## streetfighter 2 (Oct 16, 2011)

My work uses the newest version of Outlook and, with that in mind, I can honestly say that 99% of viruses are because Outlook has the security policies of a wet paper bag.

Years ago my standard brief to clients was, "don't download anything".  I've changed it up a bit and it's now, "virtualize and do whatever you want".  Although I recommend VMware or VirtualBox, there are other solutions such as Dell's Secure Browser but I've never tried it.


----------



## Frick (Oct 16, 2011)

streetfighter 2 said:


> My work uses the newest version of Outlook and, with that in mind, I can honestly say that 99% of viruses are because Outlook has the security policies of a wet paper bag.



could you ellaborate on this mayhap?


----------



## Easy Rhino (Oct 16, 2011)

qubit said:


> Yes, that's right the maker of notoriously vulnerable software



sorry but i stopped reading after this line. this is supposed to be news, not opinion. if this were posted in any other section on this site it would be closed due to trolling.


----------



## popswala (Oct 16, 2011)

i bet most ppl that get viruses are young ppl who click away and have to explorer the whole dang internet and then the older ppl that don't what something is and just clicks on it. (o look, a monkey wearing sunglasses wants my credit card number. I don't see why not) lol. 

I haven't used windows firewall since xp (off and uninstalled) since it would restrict my bandwidth when I used emule. Nowadays I just run aviara, malwarebytes, spybot every now and then. Haven't had a problem in yrs. I had only one virus that would reset my pc during post/window logon. Only fix was being fast enough to get into bios and enter safe mode to format. Been clean ever since.

Isn't there something like an ip tracker or something that you can use to block and trace (to shut them down) those annoying spam emails? A lot of people get those stupid lottery or a relative past away in some weird country and left you their whole estate. I would love to stop all that annoying spam. I tried replying back a few times telling them to stop but it just comes back as undeliverable.


----------



## Wile E (Oct 16, 2011)

HTC said:


> Not so: just because back then it wasn't as secure as it is today is irrelevant. It's the OS maker's job to make it so that worms such as Blaster aren't possible to begin with.
> 
> It's one thing to get infected when you click on something you shouldn't but it's quite another to get infected by simply connecting to the Internet (not opening pages or anything): is this the user's fault? Only if you count installing the OS and connecting to the Internet: then, it's the user's fault.
> 
> Just because today's OSes are more secure doesn't mean they don't get affected, and this article proves that.



Ummmm, it's 100% irrelevant, since the article is about the status of these OSes in the first and second quarter of 2011, not 2003. It proves how far OS security has come since then, and also shows that most infections are *presently* user error.

That's like saying all Ford cars are now unsafe because Pintos exploded into fireballs in wrecks in the 70's.


----------



## mastrdrver (Oct 16, 2011)

I need to put this link in my sig. Click me!


----------



## Fx (Oct 16, 2011)

long live viruses!

you cant fix stupid...


----------



## HTC (Oct 16, 2011)

1c3d0g said:


> If you left your damn machine unpatched, then hell yes, it's your own f*cking fault!


You're missing the point. The fact there was something that enabled the worm to work as it was designed to (before the patch) is the problem.
Why couldn't the OS come with whatever it was the patch fixed to begin with? If so, Blaster wouldn't exist since there was no whatever-it-was to be exploited.


Wile E said:


> Ummmm, it's 100% irrelevant, since the article is about the status of these OSes in the first and second quarter of 2011, not 2003.* It proves how far OS security has come since then, and also shows that most infections are presently user error.*
> 
> That's like saying all Ford cars are now unsafe because Pintos exploded into fireballs in wrecks in the 70's.


Much more secure, sure: with this i can agree.

Still, and to use an analogy:

I see loads of topics where people mention the hate of Seagate HDDs because this or that happened in the past. Why don't you explain to them "That was in the past: it's much safer now!" and see what their reaction is.

It's ballsy to claim most viruses are user fault when you're the maker of the software which allows for so much hacks: poorly coded? Dunno, really.


----------



## m4gicfour (Oct 16, 2011)

This is precisely why I install Avast or MSE, Firefox with ABP and depending on the user a few other choice plug-ins. 

No matter how many times you tell people about safe browsing practices, there are always those who come back saying "I didn't install that!" or have some spoof AV software telling them that their hard drive is mechanically damaged by a virus and it can be fixed by buying some software 

Nobody has ever complained about free antivirus software, or about having less ads on their webpages. ABP blocks 90% of what users click on and get infected, and it increases the chances of the person using FF instead of dropping right back into using IE6.0 with 80000 toolbars


----------



## Frick (Oct 16, 2011)

HTC said:


> It's ballsy to claim most viruses are user fault when you're the maker of the software which allows for so much hacks: poorly coded? Dunno, really.



The every single piece of code ever is poorly written. Which it might be, I don't know. Or is it the fault of the creators of the code that are to blame? Is it a flash plugin's fault or the creator of Bloons TD fault that Flash have security issues?


----------



## HTC (Oct 16, 2011)

Frick said:


> The every single piece of code ever is poorly written. Which it might be, I don't know. *Or is it the fault of the creators of the code that are to blame?* Is it a flash plugin's fault or the creator of Bloons TD fault that Flash have security issues?



Maybe, dunno.

Why don't they create a team who's only job is to try and hack their OS? If they find the coding problems before the product is shipped to customers, it would help them, no?

Think of it as prevention rather then reaction: why wait for hackers and what not to find exploits and risk major problems if you can pay someone to do it and fix the problem before it reaches the end user?


----------



## [H]@RD5TUFF (Oct 16, 2011)

While I agree in principal that the vast majority of infections are a result of the end user, how those infections are exploited is a result of security holes ion the OS.


----------



## theJesus (Oct 16, 2011)

HTC said:


> Why don't they create a team who's only job is to try and hack their OS? If they find the coding problems before the product is shipped to customers, it would help them, no?
> 
> Think of it as prevention rather then reaction: why wait for hackers and what not to find exploits and risk major problems if you can pay someone to do it and fix the problem before it reaches the end user?


Companies already hire consultants for that sort of stuff.  It's called ethical hacking, penetration testing, etc.


----------



## HTC (Oct 16, 2011)

theJesus said:


> Companies already hire consultants for that sort of stuff.  It's called ethical hacking, penetration testing, etc.



Really? Was unaware of this. In that case, they should hire more "consultants".


----------



## Frick (Oct 16, 2011)

HTC said:


> Really? Was unaware of this. In that case, they should hire more "consultants".



I think it is more a case of "hackers gonna hack". I'd say it's damn near impossible to predict how code will be exploited before hand no matter how well it's written. And new technologies/understandings can be used to exploit older code, and how can you know what will happen a few years down the road?

I more secure system also means more restrictions.


----------



## FreedomEclipse (Oct 16, 2011)

Frick said:


> I think it is more a case of "hackers gonna hack". I'd say it's damn near impossible to predict how code will be exploited before hand no matter how well it's written. And new technologies/understandings can be used to exploit older code, and how can you know what will happen a few years down the road?
> 
> I more secure system also means more restrictions.



youre forgetting that Most AV software has a 'collective' like borg feature. If a computer gets attacked by a virus while it has anti-virus or Firewall running. Most security software will submit a report of the attack to support and support will come out with a new update that prevents the same attack from happening with other of the computers running the same security software providing they regularly update the databases.

Hackers gonna hack - thats correct. but depending how good they are, they are most likely only possible to use that virus or exploit a number of times before it gets patched over.


----------



## arnoo1 (Oct 16, 2011)

basicly it's your own fault when you have virussen, don't go unsafe site's, every user should no what he/she is doing on that thing,

i don't have had a virus in like 2 years


----------



## dlpatague (Oct 16, 2011)

I agree with MS too. I can't count how many times I've had to fix my friend's comps because they got some AD malware or something on there. I even make sure to install AV and other programs like peerguardian on their comps yet they still get crap on their comps. I never should have shown them bittorrent either because they download virused stuff all the time. I never get viruses or malware. Ugh...I guess in the long run I make money off them because I charge them everytime I have to fix something for them. ROFL!


----------



## twilyth (Oct 16, 2011)

FreedomEclipse said:


> Hackers gonna hack - thats correct. but depending how good they are, they are most likely only possible to use that virus or exploit a number of times before it gets patched over.


That's part of it, but the people who have actual skills are few and far between.  Virtually every time the press calls someone a "hacker", doing so elevates them far above the station they actually deserve.

But like the old joke about 2 guys running from a bear, the average hacker doesn't have to be better than every other hacker, he just has to be better than the average user - and that ain't askin' a whole lot.


----------



## [H]@RD5TUFF (Oct 16, 2011)

twilyth said:


> That's part of it, but the people who have actual skills are few and far between.  Virtually every time the press calls someone a "hacker", doing so elevates them far above the station they actually deserve.
> 
> But like the old joke about 2 guys running from a bear, the average hacker doesn't have to be better than every other hacker, he just has to be better than the average user - and that ain't askin' a whole lot.



exactly

The average user assumes everything is secure, which is the worst kind of security.


----------



## treehouse (Oct 16, 2011)

NC37 said:


> Funny.. I got a trojan on mine a month back, only after I installed MSE. Reason being, MSE turned off Defender which was by default stopping it, then MSE by default opened up the hole for it to get on.
> 
> So yes, it was my fault for trying out M$ branded AV software.
> 
> Epic M$, real epic.



this does not make any sense, windows defender would not have been 'stopping' it, it only permanently blocks or quarantines detections so even uninstalling windows defender would not have allowed that particular infection through, plus windows defender signatures are included MSE..


----------



## Winston_008 (Oct 17, 2011)

qubit said:


> I've never seen any proof of this, so it's likely to be an urban myth, if a plausible one..



I agree well have to take it to mythbusters.

Personally. Ive had win 7 installed on my new pc over a month, with no extra security other than what windows offers, and have had 0 infections. But hey how would i know i have no a/v to check!


----------



## The-Don (Oct 17, 2011)

Been on the internet since 96'. Never gotten a virus either. Although I agree that there are certain security vulnerabilities within the OS and other software, 99.999% of the problem is users.

As for malware, every person whose computer I have to work on regularly has one thing in common. They all use Internet Explorer. Those who use FF or Opera don't seem to get as many problems. Can you run IE safely? Certainly, but with default settings, the average user's PC will be full of crap in a few hours of running IE.


----------



## micropage7 (Oct 17, 2011)

yeah i agree, its from user fault.
from email, attachment, removable things
so it aint a surprise if said like that, and one more no matter what the largest os will be a good target to attack


----------



## Derek12 (Oct 17, 2011)

The-Don said:


> Been on the internet since 96'. Never gotten a virus either. Although I agree that there are certain security vulnerabilities within the OS and other software, 99.999% of the problem is users.
> 
> As for malware, every person whose computer I have to work on regularly has one thing in common. They all use Internet Explorer. Those who use FF or Opera don't seem to get as many problems. Can you run IE safely? Certainly, but with default settings, the average user's PC will be full of crap in a few hours of running IE.



ActiveX was evil in the old days of IE 4/5


----------



## Ahhzz (Oct 17, 2011)

HTC said:


> Question: was it the user's fault when simply connecting to the Internet gave you a 50% chance of getting infected by the Blaster worm within 12 minutes on Internet connection back in 2003?



Sasser...


----------



## Ahhzz (Oct 17, 2011)

Easy Rhino said:


> sorry but i stopped reading after this line. this is supposed to be news, not opinion. if this were posted in any other section on this site it would be closed due to trolling.




hmm.... looks like Mod Trolling...


----------



## de.das.dude (Oct 17, 2011)

Mussels said:


> oh look, a pirated copy of that software i didnt want to pay for!
> 
> *double clicks crack, blames ensuing virus on crap antivirus product/OS*



dont forget, hey look free facebook emoticons! *click*
woah an iPhonie for 100$!! *click*
look a free online lottery *click*

meh... internet noobs


----------



## Derek12 (Oct 17, 2011)

de.das.dude said:


> dont forget, hey look free facebook emoticons! *click*
> woah an iPhonie for 100$!! *click*
> look a free online lottery *click*
> 
> meh... internet noobs



Haha I remember some false antivirus software and the typical "_your computer has 9385998783 errors click here to fix it_" or the "You have 1 new message click for read it" or the &%/$%"" false download buttons. Result: "go write format C:" . And I was fooled (when I was a n00b)


----------



## qubit (Oct 17, 2011)

Easy Rhino said:


> sorry but i stopped reading after this line. this is supposed to be news, not opinion. if this were posted in any other section on this site it would be closed due to trolling.



There's no trolling from me.  You'd be in a better position to criticise if you'd actually read all of it instead of throwing insults at me, don't you think? Come back to me with a reasoned argument, making _constructive_ points and I'll debate it with you, if you must.

Ahhzz seems to have a point...


----------



## Frick (Oct 17, 2011)

qubit said:


> There's no trolling from me.  You'd be in a better position to criticise if you'd actually read all of it instead of throwing insults at me, don't you think? Come back to me with a reasoned argument, making _constructive_ points and I'll debate it with you, if you must.
> 
> Ahhzz seems to have a point...



I'll try: That statement you made is not true anymore, and it feels like a low one, coming from you. I know you know better.


----------



## qubit (Oct 17, 2011)

Frick said:


> I'll try: That statement you made is not true anymore, and it feels like a low one, coming from you. I know you know better.



Eh? I was just defending myself. I have no idea what you mean.


----------



## Derek12 (Oct 17, 2011)

Frick said:


> I'll try: That statement you made is not true anymore[...]



Well, historically it's true more vulnerabilities were discovered in MS products, but again, may have to do with the usage share of their products, and interest from virus makers or crackers to infect them, and not fault from Microsoft (as far I know) etc. none software escape from the viruses and worms and vulnerabilities even non Microsoft products.


----------



## Frick (Oct 17, 2011)

qubit said:


> Eh? I was just defending myself. I have no idea what you mean.



The first sentence in your article.


----------



## de.das.dude (Oct 17, 2011)

Derek12 said:


> Haha I remember some false antivirus software and the typical "_your computer has 9385998783 errors click here to fix it_" or the "You have 1 new message click for read it" or the &%/$%"" false download buttons. Result: "go write format C:" . And I was fooled (when I was a n00b)



you know the software, i know people who actually believe with their heart that its an antivirus!


----------



## qubit (Oct 17, 2011)

Frick said:


> The first sentence in your article.



No, because it's justified by what follows - it's a classic situation of taking something out of context otherwise.


----------



## Derek12 (Oct 17, 2011)

de.das.dude said:


> you know the software, i know people who actually believe with their heart that its an antivirus!



Yeah they are very similar to any legit AV, and they says "your computer has <random number> virus, remove them", and really they do the opposite, as the infamous WinFixer/WinAntivirus crap  try to convince these people to install a real AV like Kaspersky, NOD32, Avast etc, their computer would be happy


----------



## micropage7 (Oct 17, 2011)

Derek12 said:


> Yeah they are very similar to any legit AV, and they says "your computer has <random number> virus, remove them", and really they do the opposite, as the infamous WinFixer/WinAntivirus crap  try to convince these people to install a real AV like Kaspersky, NOD32, Avast etc, their computer would be happy



you mean fake AV?
but in some cases local AV performs better for local virus than others


----------



## Frick (Oct 17, 2011)

qubit said:


> No, because it's justified by what follows - it's a classic situation of taking something out of context otherwise.



No. It's not justified. I've read the piece some times now and "the maker of notoriously vulnerable software" is never justified in it.

I think you thought we were complaining about the "pass blame on the user" thing, but that part is accurate.


----------



## qubit (Oct 17, 2011)

Frick said:


> No. It's not justified. I've read the piece some times now and "the maker of notoriously vulnerable software" is never justified in it.
> 
> I think you thought we were complaining about the "pass blame on the user" thing, but that part is accurate.



Does Microsoft not have a reputation of notoriously insecure software? Of course they do, it's been that way for years and was well deserved. Only in recent history have they made signficant strides in security. My second phrase acknowledges that they have a point in finally pointing the finger at the user. The data from Microsoft also supports this - whether one accepts their data is another matter and not the point here.

Besides, there's such a thing as an irreverent writing style which spices things up a bit, which is what I do, so enjoy the humour!


----------



## Derek12 (Oct 17, 2011)

micropage7 said:


> you mean fake AV?
> but in some cases local AV performs better for local virus than others



Yeah those rogue software scams, for example WinFixer I wasn't victim of this one but similar ones which I can't (and hope not to) remember


----------



## Frick (Oct 17, 2011)

qubit said:


> Does Microsoft not have a reputation of notoriously insecure software? Of course they do, it's been that way for years and was well deserved. Only in recent history have they made signficant strides in security. My second phrase acknowledges that they have a point in finally pointing the finger at the user. The data from Microsoft also supports this - whether one accepts their data is another matter and not the point here.



It *was *well deserved is the point I'm trying to make, whereas the very first words in this article make it sound like they still deserve this, which they don't.


----------



## qubit (Oct 17, 2011)

Frick said:


> It *was *well deserved is the point I'm trying to make, whereas the very first words in this article make it sound like they still deserve this, which they don't.



No, they don't deserve this reputation any more. However, I dunno why people are getting so hung up on that first sentence. As I said, irreverent writing style and there's an example.

In the rest of the article, I pretty much agree with Microsoft and put the blame at the hands of clueless users - heck, I even used the term. So no, I'm not bashing them for having insecure software, as they used to have.


----------



## sy5tem (Oct 18, 2011)

Batou1986 said:


> Chances are if your reading this you already know it to be true.
> Thankfully ppl are EDIT:**-uneducated-** so i will still have plenty of computers to fix.



this make like 15% of my remote support .. "my computer is slow I DID NOT DO ANYTHING!"

lol  ohh look into history CRACK & PORN!  got there magicly!

LOLOLOL


----------



## TurdFergasun (Oct 19, 2011)

MS makes shitty software, designed to artificially support MS trained "techs" aka false middle men.  that is all.  quit defending beligerant piss poor programming, unless you're one of the fools who've paid their bribes to receive MS certification, then i guess you have a vested interest in pimping the status quo.


----------



## FreedomEclipse (Oct 19, 2011)

TurdFergasun said:


> MS makes shitty software, designed to artificially support MS trained "techs" aka false middle men.  that is all.  quit defending beligerant piss poor programming, unless you're one of the fools who've paid their bribes to receive MS certification, then i guess you have a vested interest in pimping the status quo.



you dont need a Microsoft tech to tell you your computer as absolutely FUBAR'd. theres people out there who can do it for you for less 

Far from defending Microsoft but becoming MS certified really opens up a lot of doors when it comes to jobs, even if you dont stay within the hardware/software support sector.


----------



## cdawall (Oct 19, 2011)

can i just say I agree that if you got a virus it is your fault. I have gone a couple of years now virus free.


----------



## m4gicfour (Oct 19, 2011)

To repurpose something w1zzard said once:

Sure, I could have a virus free computer, if I RTFM and paid for legitimate software, but OH ZE NOES I needs my free porn, iPod, motorcycle, PS3, XBOX and dodgy antivirus download from a site I found from a banner ad IQ test asking whether or not the picture is of a woman or a potato


----------



## Mussels (Oct 19, 2011)

the potato spelled intelligence wrong


----------



## newtekie1 (Oct 19, 2011)

I agree with Microsoft.  I clean viruses as part of my living, and in the past 6 years of doing it professionally, I have yet to find clean a virust that didn't get on the computer by the user doing something stupid.  And it amazes me how many times I've heard "the anti-virus wouldn't let me do blah blah blah, so I uninstalled/disabled the antivirus"...


----------



## m4gicfour (Oct 19, 2011)

Mussels said:


> the potato spelled intelligence wrong


Lol I know, just part of the charm.



newtekie1 said:


> I agree with Microsoft.  I clean viruses as part of my living, and in the past 6 years of doing it professionally, I have yet to find clean a virust that didn't get on the computer by the user doing something stupid.  And it amazes me how many times I've heard "the anti-virus wouldn't let me do blah blah blah, so I uninstalled/disabled the antivirus"...



Yup. That kind of thing seems to come from people who ask questions like "Can you download some more RAM", so it's kind of understandable. If your level of knowledge of the device is THAT low, it's not really surprising. To tap an old cliche: Headlight Fluid.


----------



## newtekie1 (Oct 19, 2011)

m4gicfour said:


> Yup. That kind of thing seems to come from people who ask questions like "Can you download some more RAM", so it's kind of understandable. If your level of knowledge of the device is THAT low, it's not really surprising. To tap an old cliche: Headlight Fluid.



Yep, saddly that is about where most computer users are at...


----------



## pr0n Inspector (Oct 19, 2011)

PROTIP: If you switch off your computer you will never get infected. Perfect defense against invisible rootkits from organized crime syndicates around the globe.


----------



## Neuromancer (Oct 19, 2011)

Derek12 said:


> I've got virus only in my first months of computing and Internet, with Windows 98 and Mcafee installed, but now I haven't got any in the last 6 years and I don't have any resident antivirus but I scan it monthly with on-line scanners and Kaspersky virus removal tool.



Wow your first virus was in 2006 with a windows 98 box, that is freaking awesome. Seriously rocking 98 like when XP boxes are $30. Sweet. Dunno if it's lazy, or die hard "98 is a better gamer than XP" ideology  (yes I remember those days barely, I was drunk alot ) 



As for the poster that complained this was not a reputable source (too lazy too look back) just be thankful erocker didn't close the thread because he didn't start it.


----------



## Derek12 (Oct 19, 2011)

m4gicfour said:


> Yup. That kind of thing seems to come from people who ask questions like "Can you download some more RAM", so it's kind of understandable.



Luckily many of them are just joking (at least in Internet) it's more or less like the typical "OMFG HOW I TURN OFF CAPS LOCK!!1!!"




Neuromancer said:


> Wow your first virus was in 2006 with a windows 98 box, that is freaking awesome. Seriously rocking 98 like when XP boxes are $30. Sweet. Dunno if it's lazy, or die hard "98 is a better gamer than XP" ideology  (yes I remember those days barely, I was drunk alot )



Yeah I was very poor at the time, I had a old, K6/2 450 MHz with 128 MB RAM and a "awesome" 36.6kbps modem, all bought in 1999, but shortly in that year (2006) I bought what I have now (with another motherboard)


----------



## Neuromancer (Oct 19, 2011)

Derek12 said:


> Luckily many of them are just joking (at least in Internet) it's more or less like the typical "OMFG HOW I TURN OFF CAPS LOCK!!1!!"
> 
> 
> 
> ...



I understand poor  Maybe I do not understand poor not in US though. 

Well done though.  Most of hte virus jobs I clean up are cuz people do not update their stuff (ugh JAVA!!!). Rocking 98 in 2006, and finally getting a virus thats is insanely good. I thanked you cuz that is safe browsing and finally giving in to a vulnerability.


----------



## Derek12 (Oct 19, 2011)

Neuromancer said:


> I understand poor  Maybe I do not understand poor not in US though.
> 
> Well done though.  Most of hte virus jobs I clean up are cuz people do not update their stuff (ugh JAVA!!!). Rocking 98 in 2006, and finally getting a virus thats is insanely good. I thanked you cuz that is safe browsing and finally giving in to a vulnerability.



Yeah there were bad times for us, jobs lost, many expenses, etc 

Totally agree with you, updating the system is very important, I've never had any issues in the post 98 era


----------

