Summary: "Up to 88% of Fortune 500 companies" are said to have been affected by the Zeus trojan alone, so questions about Microsoft's liability arise again

WE PREVIOUSLY showed that about one in two PCs that run Microsoft Windows is a zombie PC.

An argument regarding an earlier post brought up the following response that cites an item from the news:

Microsoft is to blame for spam. Almost all businesses that use Windows have a Botnet problem.

Up to 88% of Fortune 500 companies may have been affected by the Zeus trojan, according to research by RSA's FraudAction Anti-Trojan division, part of EMC. The trojan installs keystroke loggers to steal login credentials to banking, social networking, and e-mail accounts. [...] Smaller companies (those with fewer than 75,000 employees) appeared to have a higher proportion of infected employees.

My bet is that 100% of computer networks with Windows are infected and that the missing 12% are so well captured that those watching are unable to tell.

Blame for this universal failure can only be laid at Microsoft's feet. Either the whole world administers Windows incompetently, or Windows is hopelessly insecure. If it were possible to secure Windows, the majority of Fortune 500 companies would not have a problem. No other software has this kind of problem.

As I argued yesterday, "systemic neglect is Microsoft’s fault [1, 2, 3]. Microsoft does not patch known holes until the attacks begin. We wrote a lot of posts about this in January [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12] since a known Internet Explorer hole that Microsoft had ignored for 5 months caused enormous damage to many businesses, Google included."

Last year, when researchers showed that it was simple to take control of Vista 7, Vipin Kumar was quoted as saying that "There's no fix for this. It cannot be fixed. It's a design problem." ⬆

"Our products just aren't engineered for security."

--Brian Valentine, Microsoft executive