Microsoft may turn to Windows Defender for unprotected PCs

As Microsoft makes another push to get users off of Windows XP, the company says that it will begin turning on Windows Defender.

The dotted line represents the number of malware “infections” that occurred after Microsoft stopped supporting Windows XP Service Pack 2.

The dotted line represents the number of malware “infections” that occurred after Microsoft stopped supporting Windows XP Service Pack 2.

Microsoft may eventually automatically turn on Windows Defender for PCs that are left-- deliberately or not--in an unprotected state, executives said Monday afternoon.

Microsoft security officials spoke on the eve of its latest Security Intelligence Report, scheduled to be released Tuesday. As it has been for the past few months, Microsoft's goal is to move as many of its customers off of the older Windows XP operating system onto something more modern and protected--Windows 8.1, if at all possible.

The idea is to minimize security risks to the PC community at large by essentially shutting down the unintentional security holes discovered within Windows XP. Microsoft will discontinue support for Windows XP in April 2014, allowing those holes to exist, unpatched, forever.

But if the goal is to minimize security risks, then it makes sense for Microsoft to close any holes left open by an unprotected operating system. In some cases, Microsoft executives said, consumers who try out a firewall or antimalware package aren't aware of when the trial period expires, so that the PC slips from a protected to an unprotected state. In the case of Check Point Software's Zone Alarm program, for example, the software simply stopped working after users upgraded to Windows 8.1.

Microsoft's first priority, however, is to maintain the relationship that a user has struck with the third-party anti-malware provider, said Holly Stewart, the senior program manager from the Microsoft Malware Protection Center. "We have to work collaboratvely across the industry," she said.

"As a customer goes into an unprotected state, we want those antivirus vendors to be installed as the first upgrade source," Stewart said. If the license has expired, the first thing Microsoft asks them to do is to go upgrade, she said.

Microsoft is also considering a plan to automatically turn on Windows Defender if the user remains in an unprotected state after being asked to upgrade. The goal is not to nag the user, Stewart said, but at the same time to notify them that they're not protected, and to move them back into a protected state with a minimum of fuss.

Microsoft also presented new data as additional justification for moving away from Windows XP. The data, compiled from more than a billion PCs, whose users have allowed Microsoft to use their data to improve Windows, was added to 400 million accounts and billions of Web page scanned by Bing.

The data showed that Windows XP makes up 22 percent of the worldwide user base; in some regions, such as Africa, the penetration can be as high as 32 percent, according to StatCounter. With an operating system more than a decade old, features that were advanced at the time of Windows XP's release, such as Data Execution Prevention technology, have been bypassed by malware writers.

Stewart said that the the number of pieces of malware that a Windows XP or Windows 7 or Windows 8 machine encounters is relatively constant, indicative of the habits of Internet users at large. But the number of computers that Microsoft reported as infected was far higher for those running Windows XP than for the other operating systems, Microsoft found.

The bottom line? Protect your PC--or Microsoft may do it for you.

Join the CSO newsletter!

Error: Please check your email address.

Tags MicrosoftsecurityWindowssoftwareoperating systemsintelsecurity software

More about Check Point Software TechnologiesCheck Point Software TechnologiesMicrosoftZone Alarm

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Mark Hachman

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts