Does Windows XP Really Breed Rootkit Infections?

74% of the rootkit infections found in a recent report were on XP machines, but is that the whole story? This startling fact appeared in Computerworld today – it went on to say that “Windows 7 accounted for only 12% of the malware-plagued machines”.

Rootkits are the most dangerous type of virus infection and can be extremely hard to remove, so should all XP users rush out to buy a new W7 computer? Not so fast – the trouble with attention-grabbing headlines like “Three-quarters of all rootkits on decade-old XP” is that they can scare people unnecessarily. As always, the devil is in the detail:

  • Up to a third of XP users are only running XP Service Pack 2 (SP2) or earlier. SP2 dates from 2004 whereas SP3 was released in 2008 – so it is likely that those SP2 users have not received literally hundreds of automatic security updates from Microsoft over the last 3 to 7 years – no surprise at all if they are infected by viruses!
  • Unlike W7, Windows XP was always heavily pirated. Pirated copies of XP can be pre-infected with malware tightly woven into the fabric of Windows itself – making it invisible to all but the most thorough inspection. If Windows is pre-infected like this it is (again) not surprising that it is left wide open to more virus attacks in future.
  • Users of pirated XP software are much less likely to install important security updates from Microsoft as they fear that their pirated version of XP might be ‘found out’ and severely knobbled – again, this causes higher infection rates. In many of the world’s poorer countries (and some not so poor, China, cough) software piracy is so endemic it is almost normal practice.
  • XP computers are now old and of little monetary value. In our experience that means they are often relegated to the ‘spare’ computer in the home (not used for ecommerce / online banking) or given to children to ‘play’ with (otherwise known as ‘mess up’) – security and good (paid) antivirus software are forgotten or ignored, which again leads to virus infection…

By contrast, that expensive new ‘main’ W7 computer may be reserved for parental use, lavished with a decent antivirus and have more care taken with keeping it up to date and secure. It is similar to cars – people often take pride in a new car and regularly service it to protect their investment whereas an old clunker is used and abused – the only time it sees a repair shop is when it breaks down!


There is no doubt that in absolute terms W7 (mainly the 64-bit version) is a little more secure than XP overall, but of far more importance is the person who uses the computer and the way it is used. We are happy ;-) to report that the virus removal aspect of our computer repair business has not suffered since W7 was launched – the way some people use a computer causes them to be infected whichever version of Windows they have…

Whether you have Windows XP or W7 (or even one of the unfortunate few stuck with Vista) do follow the steps in our guide on how to avoid virus infections as prevention is a lot better than cure.