We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Windows pirates blamed for high malware rates

PCs running bogus Windows at most risk

Microsoft has warned that computers in countries with high rates of software piracy are more likely to be infected by malicious code because users are wary of applying security patches.

"There is a direct correlation between piracy and the malware infection rate," said Jeff Williams, the principal group programme manager for the Microsoft Malware Protection Center. Williams was touting the newest edition of his company's biannual security intelligence report.

According to Williams, the link between PC infection rates - the percentage of computers that have been cleaned by the updated monthly Malicious Software Removal Tool, or MSRT - and piracy is due to the hesitancy of users in countries where counterfeit copies abound to use Windows Update, the service that pushes patches to PCs.

China's piracy rate is more than four times that of the US, according to Microsoft's report, published today, but the use of Windows Update in China is significantly below that in the US.

Brazil and France also have a higher piracy rate, and lower Windows Update usage, than the US, Microsoft maintained.

But the company's own data doesn't always support William's contention that piracy, and the hesitancy to use Windows Update, leads to more infected PCs. China, for example, boasted a malware infection rate - as defined by the number of computers cleaned for each 1,000 executions of the MSRT - of just 6.7, significantly lower than the global average of 8.7 or the US's rate of 8.2 per thousand.

France's infection rate of 7.9 in the first half of 2009 was also under the worldwide average.

Of the three countries Microsoft called out as examples of nations whose users are reluctant to run Windows Update because of high piracy rates, only Brazil fit William's argument: Brazil's infection rate was 25.4, nearly three times the global average.

Other countries with higher-than-average infection rates, however, also have high piracy rates, according to data published last May by the Business Software Alliance (BSA), an industry-backed anti-piracy organisation, and research firm IDC. Microsoft is a member of the BSA.

By Microsoft's tally, Serbia and Montenegro had the highest infection rate in the world, with 97.2 PCs out of every 1,000, nearly 10%, plagued by malware. Turkey was number 2, with 32.3, while Brazil, Spain and South Korea were third through fifth, with infection rates of 25.4, 21.6 and 21.3, respectively.

The BSA put Serbia's piracy rate, the percentage of the in-use software that's not licensed, at 74% in 2008, while Turkey, Brazil, Spain and Korea had estimated piracy rates of 64%, 58%, 42% and 43%, respectively. By comparison, the US's piracy rate was pegged at 20%, and the worldwide average at 41%.

Although Microsoft wants users to patch vulnerabilities with Windows Update, people running counterfeit copies of Windows have traditionally been less-than-eager to apply fixes, believing that Windows Update will recognise their software as illegal and mark it as such with nagging on-screen messages.

Microsoft's anti-piracy efforts, particularly the technology it pushes to users that sniffs out unlicensed copies of Windows, have met with resistance. Last year, for example, Chinese users raised a ruckus when Microsoft updated its Windows Genuine Advantage (WGA) anticounterfeit validation and notification technology.

American users have complained about the technology, too. In June 2006, Microsoft infuriated users by pushing a version of WGA to XP users via Windows Update, tagging it as a 'high-priority' update that was automatically downloaded and installed to most machines. A year later, a day-long server outage riled thousands of users who were mistakenly fingered for running counterfeit copies of Windows.

The 2006 incident sparked a lawsuit that accused Microsoft of misleading customers when it used Windows Update to serve up WGA. Last month, Microsoft filed a motion opposing a move by the plaintiffs to turn the case into a class-action lawsuit .

Microsoft's security intelligence report can be downloaded from its Web site in PDF or XPS document formats.

See also:

Computerworld US


IDG UK Sites

5 reasons not to wait for the Apple Watch: Why you shouldn't buy the iWatch

IDG UK Sites

Why local multiplayer gaming is rapidly vanishing: we look at the demise of split-screen and LAN...

IDG UK Sites

How Emotional Debt is damaging digital design

IDG UK Sites

How to update your iPhone or iPad to iOS 8: including how to install iOS 8 if you don't have room