Microsoft: XP SP2 Adoption Lags Overseas

More than a year after the release of Windows XP Service Pack 2, install rates in Spain and Korea are barely in the range of 50 percent.

WASHINGTON, D.C.—More than a year after Microsoft Corp. shipped Windows XP Service Pack 2 as a massive security-centric OS makeover, customer adoption internationally continues to lag at disappointing levels, according to a senior Redmond executive.

Stuart McKee, Microsofts U.S. National Technology Officer, said the overall install rate of XP SP2 was just shy of 70 percent, but in countries such as Spain and Korea, adoption of the service pack dips into the 50 percent range.

In Japan, Germany and France, the install rate is in the range of 75 percent, McKee said.

During a keynote at the Security Summit East here, McKee said Microsoft has so far distributed more than 250 million copies of XP SP2 to provide a hardened shell around the operating system but the low upgrade levels remains a disappointment.

"A large number of computers out there are significantly vulnerable [to malware attacks]," McKee said.

Since the XP SP2 release last summer, McKee said critical vulnerabilities discovered had been cut in half and overall security flaws were down by one-third.

"[SP2] is 15 times less likely to be infected by malware," he said during a speech that highlighted the companys progress on the security front.

McKee identified Windows Defender (formerly Windows AntiSpyware) application as the "most popular download in Microsoft history," noting that more than 18 million Windows customers are getting real-time malware protection from the free utility.

/zimages/2/28571.gifFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

"Security is by far the single most important issue for Microsoft as a company. Its imperative for us as a company to develop this utility of computing and make sure it is trusted. Our entire business depends on [that trust]," he said.

McKee said the biggest challenges going forward include reducing the frequency of updates and making sure software fixes are rolled out efficiently.

In addition, he said Microsoft was committed to implementing defense-in-depth security measures and improving the way access in managed in an extended enterprise.

"Our vision is about establishing trust, and were committed to providing better guidance to secure [your] systems," he told a large group of attendees drawn from government, military and other public sector agencies.

/zimages/2/28571.gifClick here to read more about Microsofts efforts to patch an XP SP2 flaw.

McKee said the companys security mission is to provide threat and vulnerability mitigation in three key areas; prevention, isolation and recovery.

On the prevention front, he identified Microsofts investments in anti-virus (Windows Onecare), anti-spyware (Windows Defender), anti-spam (Microsoft Antigen) and anti-phishing (Internet Explorer 7).

"Customers are telling us that the market is not doing a good enough job of preventing the sophisticated malware attacks, and we decided to make our own investments to satisfy those needs," McKee said.

He also touched in the security enhancements planned for Windows Vista, including Windows services hardening, an improved firewall, and the concept of LUA (least privilege user account).

"Malware is a huge problem for large and medium-sized businesses. We are aware that this is a big pain point for customers. Once a piece of [malicious] software gets into the environment, I think we all understand what a challenge it is," McKee said, noting that Microsofts push into the anti-malware market includes plans for an enterprise-class client protection product.

/zimages/2/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.