In 2004, Microsoft Windows was reported[1] to hold 90% of the personal computer market share.  Today, Microsoft Windows is considered to be a variety of operating systems that run on client machines (personal computers), servers, and to be embedded within devices.  In upcoming years it is expected that the proliferation of operating systems, specifically those on mobile devices, will reduce the Microsoft dominance in the overall client market.  This is welcomed news to some who point to the risks associated with over-reliance on a single technology as reported in CNET News.[2]   

There are users that continue to use older versions of Windows.  However, Microsoft no longer offers support for systems that pre-date Windows 2000.  They will continue to discontinue support of older systems as new iterations of Windows are released.  One of the main distinguishing features to Microsoft operating systems is that they are based on a “closed source” format.  This means that no modifications to the source code are allowed and third party companies cannot obtain licenses that allow for customization of the system.

Security Concerns

Among the many functions as described in the glossary section below, the operating system (OS) is responsible for the security of the computer system.  It must protect against unauthorized access.  There have been significant issues related to security with Windows operating systems.  Compared to alternative systems, Windows faces more malware threats – five orders of magnitude more malware threats.  While there are numerous explanations for this, one primary reason is that there simply is widespread use and acceptance of Windows.

One major target of malware security breaches is Internet Explorer (IE), the default Windows Internet browsing application.  IE permits third party applications to add functionality using Browser Helper Object (BHO) technology and allows ActiveX content so as to enable rich content to web sites.  As a result there are numerous attack vectors and malware creators have taken advantage of these security flaws.  It is common to receive malware unknowingly simply from browsing to and viewing a web site.  This is known as a “drive-by download”.

Account privileges are another significant area of concern related to security.  The default user account for Windows systems is “Administrator” and as such, automatic changes can be made to a system without requiring authorization.  With other user accounts there are fewer privileges assigned thus lessening the ability for malicious applications to automatically make changes to a system.  Vista, the upcoming operating system offered by Microsoft, is set to address this issue by introducing User Account Control (UAC).  Early reviews of this functionality criticize the excessive use of prompts for administrator credentials when doing routine file operations.

The issue of security has become a notable one at the Microsoft frontline.  Bill Gates in January of 2002 sent a company memo related to issues of security where he stated: “We can and must do better.”  He went on to say that security and achieving trustworthy computing, needed to be the highest priority so that users would feel that their computing experience would be fundamentally secure and private.  This continues to be an objective not easily achieved.

In November of 2004, a study[3] was performed to determine vulnerabilities of commonly used operating systems.  It was discovered that Windows XP with Service Pack 1 when plugged into the Internet without a firewall, lasted a mere 4 minutes before falling prey to security compromises due to malicious attacks.  

Issues and crashes

Although the number of virus outbreaks has significantly dropped in recent years, there has been an increasing amount of malware attacks.  In one study[4] it was discovered that spyware was detected on 80% of the computers in the study group, that there was an average of 93 malware components detected on machines, and that 89% of the study group was not aware that the malware items were on their computers.  The majority of home personal computers run one of the Windows platforms.

The effects of malware components that have infected a machine can be numerous.  It is likely that there will be sluggish performance experienced if resources are accessed without consent including CPU usuage and network traffic.  Unexplained behaviours can also arise including system instability, and application and system crashes.  Another effect involves hijacking your computer for the purpose of botnet activities. A botnet is a network of computers with broadband connections infected with malicious programs that connect to servers controlled by remote attackers.  Reports reveal that the distribution of spam is largely the result of automated activities from infected machines that are part of a botnet. 

Updates and Fixes

Microsoft makes updates available to Windows users.  These updates sometimes include feature additions but are mostly security and bug fixes.  Security patches are typically released on the second Tuesday of every month.  Critical updates, however, are released as necessary.  These are offered via the Windows Update service for the following Windows operating systems:

·          Windows 2000 (SP3 and later)

·          Windows XP

·          Windows Server 2003

Users of these systems can choose to automatically download and install updates.

The Windows Update site is a web based service that was first introduced with Windows 98.  In 2005, Microsoft rolled out an anti-piracy program, Windows Genuine Advantage (WGA).  WGA is required in order to receive Automatic Updates as Windows users must authenticate their copy of the operating system.  This can work to the user’s advantage in terms of knowing if their operating system is unlicensed or is a counterfeit.  Despite this restriction, security updates are provided regardless of whether the system passes the validation.

With frequent updates, the process of downloading and installing can take a few minutes.  In extreme cases where you are selecting many updates, the process can take more than an hour.  In the cases of having to perform a clean install (re-building the computer system) all the security patches need to be installed once again.

Looking for solutions for Windows issues can also include searching the Internet for answers.  Some turn to online communication threads.  However, it can be challenging to identify if someone else’s problems matches the issues you are facing.  We recommend you search the Microsoft Knowledge Base at: http://support.microsoft.com/search/?adv=1.  Determining the cause of the problems is advantageous to prevent running into the same issue again. 

Best practices

The following list is a recommendation to maintain computer security and proper functioning:

1. Use firewall protection: to prevent the downloading of malware and to be less vulnerable to attacks.
2. Regular system updates: check for the latest updates and patches on an ongoing basis.
3. Configure Internet browser security settings: adjust the browser settings to accept only as much web content as you are willing to have downloaded to your computer.
4. Practice safe surfing: download content from sites that you trust and avoid sites that could download malicious items.  Read security warnings, license agreements, and privacy statements before downloading content.
5. Do not open unknown email attachments: if you are uncertain of an email and any attachment included with it – do not open it; delete it.
6. Anti-spyware protection: install an effective anti-spyware program that receives regular malware database updates.

Malware items are designed to be stealthy and to remain on your system.  As a result they can be challenging to detect and remove.  Using effective security tools will likely save time and reduce the risk of doing more damage.  It is best to use a spyware removal tool that has quarantine and backup capabilities and can be scheduled to run automatically.  Thorough and effective scanning and removal depend on reliable support and frequent database updates from the anti-spyware vendor. 

RegCure and XoftSpySE Anti-Spyware meet the requirements.  To clean and optimize the performance of your PC with RegCure Registry Cleaner click here.  We also recommend that you scan for spyware threats that pose as a security and privacy risk. To scan with XoftSpySE Anti-Spyware click here.