Is Anti-Virus Software Obsolete?

Updated: May 08, 2008

Issue

Add-on anti-virus protection has been a fact of computer users' lives for almost as long as people can remember. But have recent changes in system software and user behavior made anti-virus software unnecessary? Let's look at the facts.

Analysis

It's no secret that most malware targets Windows-based machines. Microsoft recognized this fact a long time ago and addressed the problem by incorporating several types of anti-malware technology directly into its Windows Vista OS.

Key to Vista's virus-fighting capabilities is UAC (User Account Control), which automatically senses potentially dangerous situations and temporarily suspends running programs and processes, effectively trapping any malware that may be trying to install itself on the machine or run itself with administrative privileges.

Windows Defender also protects Vista PCs by working to keep the system free of many types of malware, including spyware and adware. Windows Firewall, meanwhile, blocks suspicious types of incoming and outgoing traffic, greatly enhancing system security. The automatic-updating feature provides yet another layer of protection by ensuring that the host system is kept up-to-date with the latest security patches and enhancements; this feature does not require the user to take any action.

The combination of UAC, Windows Defender, Windows Firewall and automatic updating does a very good job of keeping Vista-based machines secure. Unless a Vista user is inclined to perform foolish actions (such as intentionally subverting UAC and other security-oriented services), external anti-virus protection is usually unnecessary. However, downloading lots of software via Web sites, torrents or email can get users into the kind of trouble that these built-in protective features can't protect against.

Although Vista has been widely available for more than a year, many businesses — for cost, compatibility or other reasons — continue to rely on computers running Windows XP.

While XP remains a stable and eminently usable platform, its vulnerability to viruses and other types of malware is well-known. XP doesn't provide UAC, Windows Defender or other security improvements. Although Microsoft and various application vendors have worked hard to patch the OS's numerous security holes, new and serious XP vulnerabilities continue to arise on a regular basis.

Since XP systems sit squarely in virus creators' crosshairs and lack Vista's powerful system-protection capabilities, discontinuing the use of add-on anti-virus software would be a foolish and reckless move for most users. Additionally, users can add much of Vista's protection to XP by adding a third-party firewall and installing the free Windows Defender.

Everybody knows that Macintosh users like to feel superior to Windows users, particularly when it comes to computer security. A 2007 study conducted by McAfee's Avert Labs found that out of more than 236,000 known malware programs, only 7 of them targeted OS X. Unfortunately, this situation has changed for the worse since then and has not been helped by McAfee itself. Despite the rise of the Macintosh virus, the situation is still dramatically better for OS X users than it is for Windows users. This makes it much less likely, although not impossible, for a Mac system to be compromised by a virus.

By following smart operating practices, such as keeping OS X up-to-date and not clicking unknown email attachments, it is generally safe to use a Macintosh computer without anti-virus software. But those who need to engage in unsafe practices or who have extra security concerns can install Macintosh versions of anti-virus, anti-malware and firewall programs.

Common sense dictates that virus creators know better than to tangle with Linux machines, given the fact that a significant percentage of Linux users know as much about computers and virus behavior as the bad guys. But even here the situation is fluid. Linux's user base is slowly growing, and there are Linux viruses and malware programs — just not very many of them.

Given the fact that Linux viruses are relatively rare and that most Linux users are highly knowledgeable, the need for add-on anti-virus protection is minimal. Still, if one has an office filled with inexperienced computer users working on Linux machines, installing anti-virus software isn't necessarily a bad idea.

The Bottom Line

The question of whether to abandon add-on anti-virus software hinges on several factors, including the particular OS and how the system is being used (a machine that isn't used for email or Web surfing, for instance, isn't likely to get hit with a virus). Other factors to consider include the level of user knowledge (knowing, for example, not to recklessly open email attachments) and the computer owner's willingness to accept an increased level of risk.

It is also true that other security tools are slowly taking the place of anti-virus software — partly because of changes in virus behavior and partly because the new tools fight a much wider range of malware than just viruses.

For more information on anti-virus software, consult our comprehensive IT security research, including our Market Primer: IT Security, the Buyer's Guide: Firewalls and the Buyer's Guide: Network Access Control.
