Microsoft reports improved security for Windows amid growing threats

Microsoft said today that security for Windows Vista has gotten better, but the threats from online attackers have become more serious.

Among the culprits are organized criminals who have gone online, and naive users who are duped by message scams. The company’s fifth Security Intelligence Report said that the amount of malicious software removed from Windows computers grew 43 percent in the first half of 2008, compared to the first half of 2007.

While Windows Vista and security updates to Windows XP have made those operating systems more secure, attackers are now targeted vulnerabilities in individual programs. Roughly 90 percent of new vulnerabilities are now related to applications, while just 10 percent target the operating system. With older versions of Windows XP, roughly half of the vulnerabilities could be blamed on Microsoft.

George Stathakopoulos, general manager for Microsoft’s Security Engineering and Communications group, told the New York Times that third-party software makers have to improve their security. Users should also remember that they shouldn’t click on unsolicited links.

Microsoft can collect data on security attacks by monitoring usage of tools such as its Malicious Software Removal Tool. Infection rates range from 1.8 for every 1,000 computers in Japan to 11.2 infected computers for every 1,000 scanned in the U.S. The U.S. number is up by 25.5 percent in the last six months.

Microsoft is recommending that users check for software updates on all of their programs, enable an Internet firewall, install anti-virus and anti-spyware software, and open links and attachments in email programs and instant messages with caution, even if they come from a trusted source.