Three of the top ten malware threats run on Microsoft Vista, Sophos tests show

Figures released by Sophos, a world leader in IT security, for the last month have revealed that three of the top ten malware currently doing the rounds on the Internet are capable of bypassing the security features in the new Microsoft Windows Vista operating system and infecting users' PCs.

The figures, compiled from Sophos's global network of monitoring stations, show that the W32/Stratio-Zip worm has overtaken W32/Netsky-P as the most widely circulated piece of malware, accounting for a third of the total reports.

The Vista-resistant malware - W32/Stratio-Zip, W32/Netsky-D and W32/MyDoom-O - comprise 39.7 per cent of all malware currently circulating. Sophos tested each piece of malware in the top ten on the Vista operating system to establish whether users running Vista without any third-party security software would avoid infection.

The results showed that while the Windows Mail e-mail client (Vista's upgrade of Outlook) was able to identify and halt all of the threats, W32/Stratio-Zip, W32/Netsky-D and W32/MyDoom-O - each of which are commonly disseminated via e-mail - were able to bypass the defences when accessed via a third-party web e-mail client.

"This represents a serious issue for businesses who allow employees to access their personal e-mail at work, as well as for companies that are considering adopting an alternative e-mail client," Sophos said in a statement.

According to Carole Theriault, senior security consultant at Sophos: "There has been much speculation about whether Vista would render existing malware extinct, and the news is now in - it won't. While Microsoft should be commended for the huge security improvements it has made in Vista, running separate security software is still essential to eliminate the risk of infection.

"On top of this, cyber criminals will already be looking at creating Vista-specific malware. Users need to think carefully about whether their current solution is going to offer sufficient protection against such emerging threats, given that some vendors continue to experience problems adapting their software for the Vista operating environment."