Is x64 Win7 less secure than x86?

I’ve been running on a copy of 64-Bit Windows 7 Professional since the RTM was available through the MSDNAA, and I’m just now starting to realize the potential error of my ways. Truth be told, I have 6 GB of RAM, and I’d like to be able to use them all. That’s why I went with x64 over x86. But now it strikes me: Are the x64 versions of windows less secure?

Recent trends in security software seem to be favoring large-scale sandboxing and virtualization programs such as Defensewall HIPS and Sandboxie. In particular I keep hearing about how Defensewall is a fantastic security solution. – But if you look into these programs they are unavailable on x64 versions of windows, and the authors have made it well known that they can’t and won’t be making x64 bit versions. SO you're out of luck no matter what, there! I’ve also had some considerable difficulty with Anti-Rootkit scanners on x64 architecture (Sophos is a joke that won’t run no matter what it says). Additionally, it seems that many A/V packages run in 32-bit mode despite being on an x64 OS.

For the record, I myself run NOD 32 v4 and MalwareBytes, with some browsing filters in place. I love ESET, even if folks say they are slipping these days... More importantly, though, is that the bad guys are getting more and more resourceful by the day, so staying one step ahead of them feels critical.

What’s your opinion out there? Are x64 versions of Windows less secure than x86 versions, for the fact that these tools are not available? And if so, is it worth rolling back to an x86 install to ensure security?

Hi there, x64 is secure than x86. There are many Anti virus programs like Bit Defender, Norton, MSE and Bullguard which has native 64bit support. Even though any anti virus is running in 32 bit compatibility, it doesnt mean that it cant protect a 64bit OS.

To design a software for 64bit architecture involves costs. Hence most companies refrain.

Avast said:

Hi there, x64 is secure than x86. There are many Anti virus programs like Bit Defender, Norton, MSE and Bullguard which has native 64bit support. Even though any anti virus is running in 32 bit compatibility, it doesnt mean that it cant protect a 64bit OS.

To design a software for 64bit architecture involves costs. Hence most companies refrain.

I agree. Most virus and malicious software are design for 32 bit environment. Therefore, x64 is more secure.

I'll gladly accept that there are numerous effective A/V packages available, then. Obviously x86 viruses are still effective on x64 Win 7, but these A/V packages would hopefully catch them.

The more pressing issue in my mind is that PatchGaurd makes it very difficult for security software developers to design on an x64 platform. As I said Sandboxie and DefenseWall are No-Goes on x64 Win7 for this reason, and the developers have expressed little desire to move into the x64 versions. But I can assure you that the malware authors see this as fertile ground, and are working toward x64 rootkits as we speak. With so many computers swtiching over to x64 platforms for added memory addressing and such, it's only a matter of time.

With that said, is it safer to roll back to an x86 Windows 7 install, and use the more effective security tools? Or is the security benefit gained not worth losing half my Ram?

x64 also has Kernel PatchGuard, support for EFI BIOS in the future and will not load unsigned drivers unless you disable it. Its a better choice and HIPS programs are not necessary if you have a good suite. All you need is an extra scanner like Malwarebytes and Sophos Anti-Rootkit to make sure your main app isn't slipping.

These are all good suggestions, and great info. Thanks, particularly Creer for that link!

I will have to pipe up, though, in response to PatchGuard, since that's pretty much the whole reason I'm concerned. PatchGuard is unarguably a security FLAW, not a feature. It's laughable and dangerous. PatchGuard's already been defeated, and thus all PatchGuard is doing for the end consumer is making programs like DefenseWall and Sandboxie inaccessible. The fact that PatchGuard only crashes the system, on purpose, if kernel hooks are changed - and only checks every ten minutes - means that malware can have its way (seriously! Ten minutes is more than enough time for malware to do something nasty, or to deliver a Denial of Service attack to a local machine).

PatchGuard is without a doubt my biggest reservation about x64 Windows 7. Driver signing is fantastic, and I'm glad it's there.

I'll take that into consideration, johngalt, thank you. By the way, do you like WinPatrol? Is it very intrusive? It looks like a good security addition.