Sinofsky did however remind developers of the importance of the company's Security Development Lifecycle (SDL), the coding, testing and design system it came up with to avoid the security oversight that causes so many problems for Windows XP a decade ago.

"Some malware is as complex as commercial applications," said Sinofsky notes in a blog on the environment in which Windows 8 will be operating.

Microsoft has also spotted an interesting clue as to why a sizable minority of PCs seem to lack adequate antivirus protection - people use free antivirus that comes with a new PC but then fail to re-subscribe after trial periods expire.

"Shortly after Windows 7 general availability in October 2009, our telemetry data showed nearly all Windows 7 PCs had up-to-date antimalware software," said Sinofsky.

"A year later, at least 24 percent of Windows 7 PCs did not have current antimalware protection. Our data also shows that PCs that become unprotected tend to stay in this unprotected state for long periods of time."