Microsoft IIS Web servers are twice as likely to serve malware as open source Apache Web servers, according to a Google security survey.

Advertisement

In this post, Google investigate the distribution of web server software to provide insight into how server software is correlated to servers hosting malware binaries or engaging in drive-by-downloads.

Compared to our sample of servers across the Internet, Microsoft IIS features twice as often (49% vs. 23%) as a malware distributing server. Amongst Microsoft IIS servers, the share of IIS 6.0 and IIS 5.0 remained the same at 80% and 20% respectively.

Google’s survey finds that in China and South Korea, malicious servers are more likely to be running IIS than Apache.

Web server software across servers distributing malware:
Web server software across servers distributing malware IIS vs Apache

However there might be some errors in final result as a single IP hosts more website using virtual hosting. Nevertheless it is a good reading.

Read more

🥺 Was this helpful? Please add a comment to show your appreciation or feedback.

nixCrat Tux Pixel Penguin
Hi! 🤠
I'm Vivek Gite, and I write about Linux, macOS, Unix, IT, programming, infosec, and open source. Subscribe to my RSS feed or email newsletter for updates.

2 comments… add one
  • Anjanesh Jun 7, 2007 @ 23:15

    Well….so far so true, but now many make think differently after the release of IIS7- IIS vs. Apache.

  • survey software Apr 21, 2009 @ 16:01

    Awesome! thanks for adding this

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre> for code samples. Your comment will appear only after approval by the site admin.