Let’s see, have we heard this point-counterpoint before?
Statement: “64-bit Windows has some of the lowest reported malware infection rates in the first half of 2009,”(Joe Faulhaber of the Microsoft Malware Protection Center).
Counter statement: yes, but pretty soon that’s going to change.
Statement: 64-bit Windows is a different operating system, so, the malware writers don’t know how to write code that can run in it.
Counter statement: yes, but that doesn’t mean it’s any more secure. It just has a smaller market share, so it’s more efficient for malware writers to go after the more common OS. They could if they wanted to.
Statement (opposite side taking the offensive): What about Trojans?
Counter statement: yes, but that’s social engineering. It isn’t based on the weakness of the operating system, it’s based on weakness in the human factor.
Statement: “Infection rates for the 64-bit versions of Windows XP and Windows Vista are lower than for the corresponding 32-bit versions of those platforms, a difference that might be attributable to a higher level of technical expertise on the part of people who run 64-bit operating systems.”( Microsoft Security Intelligence Report)
Counter statement: “This difference may be expected to decrease as 64-bit computing continues to make inroads among mainstream users.” (same report)
Gee, this almost sounds like the argument about Apple’s various operating systems that’s been running since about 1995. (Oh! Did I say that out loud?)
Here’s a perspective from Sunbelt Software Chief Technical Officer Erick Sites:
“Most malware uses some type of driver or thread injection. None of these (existing) types of malware are going to work on a 64-bit system. It’s not because 64-bit is any more secure, which is what Microsoft is hinting at.”
Computer World story here.