AVAST conducted a six-month study of over 630,000 samples and found that 74% of rootkit infections came from systems running Windows XP, whereas only 17% came from its successor – Vista – and 12% from Microsoft’s latest operating system release, Windows 7.
A rootkit is software installed that provides an attacker with root-level (privileged) access to a computer while also allowing the attacker to mask the presence of the software from the system administrator.
The data were collected by AVAST Virus Labs, which identified un-patched – and oftentimes pirated – versions of Windows XP as most commonly infected by rootkit software. This was not surprising, according to AVAST, because Windows XP is still the most commonly used operating system worldwide, followed by Windows 7, then Vista.
“One issue with Windows XP is the high number of pirated versions, especially as users are often unable to properly update them because the software can’t be validated by the Microsoft update”, noted Przemyslaw Gmerek, AVAST’s lead researcher and an expert on rootkits.
“Because of the way they attack – and stay concealed – deep in the operating system, rootkits are a perfect weapon for stealing private data”, he added in a press release statement.
While the more recent Windows 7 is not impervious to rootkit infections, AVAST did note that the latest version of the operating system does afford more protection. Among the preventive tools available in the newer Windows 7 cited by AVAST: user account control (UAC), Patchguard, and Driver Signing.