Published by Javier Guerrero,  June 17th, 2010

When I talk about malware and the need to make end-users aware about its dangers, I usually get comments like “install a Linux distribution and forget about viruses” or “change to Mac, it has no malware”. I would like to discuss this in this post, as although these comments are fairly reasonable, it’s not that simple.

It’s not true that there is no malware for Linux and Mac, however, it is true that there is much less malware targeting these operating systems in comparison to the malware targeting Windows. There are several reasons due to which Microsoft’s system is the most targeted:

First, Windows is by far the most used operating system worldwide. The image below recently obtained from the NetMarketShare website, shows global statistics about different operating systems’ market share.

windows_so_blog_lapiazza2

.

As you can see, at 91.58% Windows is far ahead from the second most used operating system at 5.33%, which isn’t Linux but Mac. This is striking: regardless of the effort made by numerous companies, public administrations and users, Linux only holds a 1% market share.

It is therefore obvious that malware creators find Windows the most attractive platform for mathematical reasons: that’s where most of their creations’ victims/users are. Evidently, the moment a new platform reaches a notorious market share, it will attract malware creators’ attention.

Another reason for Windows being a clear objective is that although the Redmond company have been taking security very seriously for some time, historically security wasn’t one of their main priorities, especially in the case of DOS, Windows 9x, etc. They later launched the NT platform (the first Windows NT 3.5 and NT 4), designed bearing security, stability, etc. in mind. Ironically, the success achieved by their previous systems made them “overlook” some security-related aspects in order to make it more user-friendly.

As for the migration of users from Windows to other platforms, it is complex. Numerous users with non-technical profiles are accustomed to managing a series of tools in a familiar platform they feel comfortable with. Most of them prefer and find it easier to have malware threats present, and get used to using one more tool (security software) before evaluating whether to change to an unknown system.

Additionally, Windows’ market share has an inertia effect, which leads users to asking themselves: “what am I going to install and learn how to use another operating system for, if wherever I go there’s going to be Windows?”

Another reason due to which the Windows operating system is the most used is that it is usually preinstalled in most of the computers that are purchased by users, which gives it an advantage over other systems.

Finally, I would like to return to the beginning of this post and leave you thinking about the following question: Panda Security’s mission being to protect and spread awareness, it wouldn’t be logical for us to ignore the threats targeting the most used platform worldwide (whether we like it or not), would it? 😉

Javier Guerrero Diaz
R+D – Development Dept.
Panda Security