Web sites hosted on Microsoft's Web servers are twice as likely to have embedded malware as those using the open-source Apache software, Google security researchers stated in survey results published on Tuesday.

In the study, the researchers looked at 70,000 domains known to host malicious code and found that, while 23 percent of sites indexed by Google use Microsoft's Internet Information Server, nearly half of all sites hosting malicious code run the software. For the Apache Foundations eponymous Web software, about two thirds of sites indexed by the search giant run the software but only half of all sites hosting malicious code run Apache.

The results do not necessarily say much about the relative security of the two Web platforms, the researchers stressed.

"It is important to note that while many servers serve malware as a result of a server compromise (by remote exploits, password theft via keyloggers, etc.), some servers are configured to serve up exploits by their administrators," the researchers said in a blog post discussing the results.

The survey also found that servers hosting malicious code were far more likely to be running Microsoft's IIS if based in Asia and Apache if based in Europe. The researchers posit that pirated versions of Microsoft's software, which are ostensibly more likely to be used in Asian, might not have automatic updates enabled installed or may not have certain security updates available for installation.

The general prevalence of Microsoft versus Apache is based on Google's own search database of 80 million domains.