Microsoft blames its customers for PC virus infections
In a fine example of Myers-Briggs NTJ thinking, Microsoft has blamed the computer user for most PC infections.
(_NTJs like to blame someone other than themselves!)
We used to call these PC user practices “pilot error.” 
I would still call blaming your customers “a bad business practice!”
In the semi-annual Security Intelligence Report, Microsoft found that the largest group (44.8%) of attacks upon its Windows operating system occurred because of some action taken by the computer operator. The action may have been as simple as downloading an infected file, or, EVEN MORE SIMPLY, BY CLICKING A LINK, so a human was the culprit!
Duh! If you don’t turn the computer ON (another action by a human culprit), or don’t hook it up to a NETWORK, a Windows PC is relatively safe! 😉 Windows PCs are also perfectly safe when used as boat anchors. Actually, the mere human act of BUYING a Windows PC could also be blamed for causing the majority of infections.
OK, Microsoft, please explain THIS to me – if I go up to that SAME LINK that infected a Windows PC, with my Macintosh, I will NOT become infected! I know that the malware up there is DESIGNED to infect only Windows PCs, but it is YOUR responsibility as the vendor to make your system as robust as possible in RESISTING attacks, or risk a mass migration from Windows.
Fortunately for Microsoft, many corporations and government agencies that use Windows are too stupid to “jump ship.”
The Microosoft report said that 47.8% of phishing attacks sent in the first half of the year masquerade as legitimate emails from social networks such as Facebook (the CNN article has information and links about phishing). Other emails pretended to come from banks or other financial institutions.
“IT professionals are accustomed to thinking about the technical aspects of security; however, as this report has shown, the human element has become just as important for attackers as the technical element, if not more so,” the report’s authors wrote.
“By implementing effective technical safeguards, programs, and processes designed to defend against social engineering, you can help your users avoid being taken advantage of by attackers,” they continued.
OK, I was once employed by a MAJOR supplier of security solutions to corporate and government accounts that used Windows. (Google, of course, DROPPED Windows for internal use back in 2010, for SECURITY reasons, after it and 33 OTHER Silicon Valley companies were hacked by the Chinese earlier that year.) I could tell you horror stories, but they must remain confidential! I used to complain at the time that I was forced to use a Windows PC (running XP at the time) at work, but I realized that if it were not for Windows (and customers who used Windows), I would not have had a job. The entire group, except for the manager, chose Macintosh computers in their personal lives.
The report notes that 43.2% of PC attacks were automatically installed by taking advantage of Microsoft Windows’ AutoRun function in the Vista and XP versions of the operating systems. AutoRun automatically executes certain files and programs. In February, Microsoft released an update to make the AutoRun feature more secure. Windows 7 already uses the more secure AutoRun feature as the default.
To me, AutoRun seems like the WRONG thing to use as a default! An appropriate analogy to me would be having a revolver designed to FIRE, with no trigger pull, as soon as a loaded cylinder is closed! Clearly NOT a good idea.
According to the report, only about 6% of attacks on Windows PCs were blamed on other exploits like malicious codes that take advantage of known vulnerabilities in applications or the operating system.
Actually, ALL viruses and Trojans have codes that take advantage of applications and the operating system – THAT IS HOW THEY WORK! Some may take advantage of the AutoRun feature of Windows!
The Microsoft report also noted that exploits of Java software (developed by Microsoft’s former COMPETITOR, Sun Microsysems, which ALSO banned internal use of Windows XP!), now a property of Microsoft’s competitor Oracle, were responsible for between 33% and 50% of all exploits during the last four quarters. Nearly all document exploits targeted Adobe Reader and Acrobat. (What can I say? Adobe’s main business, like Microsoft’s, has not been security. But Adobe is also a competitor of Microsoft in some areas, and I am always cautious when reading a company’s statements about its competitors…. And remember, we are ALSO talking about running Java on WINDOWS – I doubt that you see these problems with Java on Mac or UNIX varieties.)
Zero-day exploits accounted for only 0.1% of attacks, although certain unnamed “nation states” used something like FOUR of these zero-day defects in Windows, along with other goodies, to “take out” 984 gaseeous centrifuges for uranium enrichment in Iran using the Stuxnet Worm.
The newer the version of Windows that you run, the less likely you are to get infected! I’ll agree with that. Or, if you REALLY want to cut down your likelihood of getting infected, buy a Macintosh and still use a good firewall and antivirus software to defeat the tiny number of malware applications that exist for Mac. And, IMHO, you will have a vastly superior “user experience.” According to Microsoft’s report, the rate of infection for the latest versions of Windows XP, Vista, and 7 were: 1%, 0.5%, and 0.15% respectively.
-Bill at
Cheshire Cat Photo™ – “Your Guide to California’s Wonderland™”
You can view higher-resolution photos at the Cheshire Cat Photo™ Pro Gallery on Shutterfly™, where you can also order prints and gifts decorated with the photos of your choice from the gallery. The Cheshire Cat Photo Store on Zazzle® contains a wide variety of apparel and gifts decorated with our images of California. All locations are accessible from here. Be a “Facebook Fan” of Cheshire Cat Photo here! If you don’t see what you want or would be on our email list for updates, send us an email at info@cheshirecatphoto.com.
