Microsoft says 64-bit Windows less affected by malware

Let�s see, have we heard this point-counterpoint before?

Statement: "64-bit Windows has some of the lowest reported malware infection rates in the first half of 2009,"(Joe Faulhaber of the Microsoft Malware Protection Center).

Counter statement: yes, but pretty soon that�s going to change.

Statement: 64-bit Windows is a different operating system, so, the malware writers don�t know how to write code that can run in it.

Counter statement: yes, but that doesn�t mean it�s any more secure. It just has a smaller market share, so it�s more efficient for malware writers to go after the more common OS. They could if they wanted to.

Statement (opposite side taking the offensive): What about Trojans?

Counter statement: yes, but that�s social engineering. It isn�t based on the weakness of the operating system, it�s based on weakness in the human factor.

Statement: "Infection rates for the 64-bit versions of Windows XP and Windows Vista are lower than for the corresponding 32-bit versions of those platforms, a difference that might be attributable to a higher level of technical expertise on the part of people who run 64-bit operating systems."( Microsoft Security Intelligence Report)

Counter statement: "This difference may be expected to decrease as 64-bit computing continues to make inroads among mainstream users." (same report)

Gee, this almost sounds like the argument about Apple�s various operating systems that�s been running since about 1995. (Oh! Did I say that out loud?)

Here�s a perspective from Sunbelt Software Chief Technical Officer Erick Sites:

�Most malware uses some type of driver or thread injection. None of these (existing) types of malware are going to work on a 64-bit system. It�s not because 64-bit is any more secure, which is what Microsoft is hinting at.�

Computer World story here.

Tom Kelchner