Free antivirus software provider Avast has released information from a six-month study which reveals that Microsoft’s Windows XP operating system is home to 74% of their customers’ rootkit infections.
Data gathered from over 600,000 Avast customers pointed to Windows XP as the most vulnerable desktop OS for rootkits. XP, which was released in 2001, is the most widely used operating system to access the Internet according to w3schools.
The dated OS was installed on 49 percent of tallied Avast customers. 38 percent of users in the study were running Windows 7 while 13 percent had Vista installed. In contrast, only 12 percent of rootkits were detected on Windows 7 machines and 17 percent were found on Vista installations.
The problem doesn’t necessarily stem from the use of Windows XP itself, but from how end users obtain and install the operating system.
“One issue with Windows XP is the high number of pirated versions, especially as users are often unable to properly update them because the software can’t be validated by the Microsoft update,” said Przemyslaw Gmerek, the Avast expert on rootkits and lead researcher.
Rootkits are malicious tools that are installed before the operating system and anti-virus software are loaded, making them very difficult to detect and remove. Attackers use rootkits to steal data and install other programs without the user even knowing anything is wrong. Other types of rootkits present bogus antivirus warnings in an attempt to swindle credit card information from the user.
Most antivirus programs are useless in detecting rootkit installations. Users who suspect they might be infected are encouraged to try rootkit-specific removal tools such as TDSSKiller or ComboFix. If you need a helping hand, feel free to create a new thread in our virus and malware removal forum.