A Microsoft spokesperson questioned whether PC Tools' methodology conforms with Microsoft's methodology.
"We appreciate independent studies and encourage researchers to help us make our products more secure; however, this is a study by a vendor of anti-malware products," a Microsoft spokesperson said in an e-mailed statement. "ThreatFire vulnerability comparison numbers certainly don't reflect our vulnerability findings from the malicious software removal tool (MSRT), which ran on over 400 million machines in December 2007. From June 2007 through December 2007, the MSRT found malware on 2.8% of the Windows Vista machines it ran on, vs. 7.2% of Windows XP SP2 machines. It found malware on 5% of Windows 2000 SP4 machines and 12.2% of Windows 2000 SP3 machines. Note that for Windows 2000 this spans both client and server machines."