We may not make a lot of things in the USA anymore, but we still lead the world in botnets by a large margin according to volume 9 of Microsoft’s Security Intelligence Report, covering January through June of this year.
The main focus of the report is on botnets and Microsoft sees them as the core platform of malware, the engine that makes the Internet criminal enterprise run. And botmasters are getting more sophisticated: While we have historically thought of different kinds of malware (worms, trojans, spyware) separately, they are bring used together in bots. You might see password stealers used in addition to an IRCbot, for example.
But the bigger news is that this reports confirms some already established trends of decline in several negative factors: Software vulnerabilities, industry-wide, continue to decline in numbers, but remain at high levels. Microsoft doesn’t speculate about it, but I think the high numbers are due at least as much to large amounts of talent and money going into white hat research.
This being Microsoft, they have data on how much we’re updating Windows and their other software, and the news there is good too. Consistent monthly use of Windows Update and other automated Microsoft update mechanisms (e.g. WSUS or Windows Software Update Services) is up substantially. These users should be far better protected against attack.
It’s likely that this phenomenon is due to increased adoption of Windows 7 and, to a lesser extent, Vista, both of which make Windows Update and automatic application of updates the default behavior rather than a strong suggestion, as in XP SP3. The increased use of Windows Update also means more widespread runs of the Microsoft Malicious Software Removal Tool, which runs each time you run Windows Update. This month Microsoft added the Zeus trojan to the list of threats cleaned by the MSRT, which should deal a serious blow to a major botnet already in decline. The percentage of Vista systems needing an MSRT cleaning was 1/5 that of XP SP3 systems, and the percentage of Windows 7 systems 1/2 of Vista’s.
Another major theme of the report is that malware is a world-wide phenomenon and problem and that any serious improvement in the situation will have to have an international basis. You can’t just solve it in the US. Microsoft also repeats here their discussion of progress in collective defense and a “public health” model for Internet security.
View full post on Security Watch
Related Posts
- ‘Here You Have’ Virus Shows Security Weakness (PC World)
PC World - A worm known affectionately as "Here You Have" based on the subject line of the infected e-mail used to propagate it has quickly spread into a global malware attack. The efficacy of the sim... - Browser Updates
Just a few days ago, two major web browsers have been updated to fix security vulnerabilities which may allow attackers to infect the computer with malware just by visiting a hacked website.Google rel... - Adobe updates Reader and Acrobat
A little earlier as announced, Adobe released updated versions of Adobe Acrobat and Reader. These programs were vulnerable to the Flash Player zero-day-vulnerability as well, which was fixed last week... - iPhone Tracking
Some time ago, a security researcher, Alex Levinson, found out the iPhone was keeping a SQLite database of the iPhone’s location (wifi-based location, cell-based or GPS) and a few other informat... - Flash Player Update available
Just a short notice on the now available Adobe Flash Player Update: Version 10.2.159.1 has been released which fixes the critical security vulnerability which allow attackers to infect computers with ... - New Malware can Automatically Register Facebook Applications
A few months ago, at least prior to February 7th, Sality operators pushed a new malware onto their P2P network of infected bots. The malware in question hooks into Internet Explorer using its standard... - Global Spam Botnet Tracking Report (first quarter 2011)
The following data are the result of the monitoring and recording process made by spam sensors spread all around the world to provide the trend of security in terms of compromised systems. Spam sensor... - Security expert: iPhone password hack shows flawed security model
News of a successful attack that almost instantly gives full access to an iPhone's password keychain made its way around the Web on Thursday after Germany's Fraunhofer Institute... - Europe undertakes privacy and security research
A research project under way in Europe aims to develop systems to help people protect and share their personal digital information.
Full story: Network World on Security... - Don’t Fear the Android Security Bogeyman (PC World)
PC World - Academic security researchers have created an ingenious piece of malware that runs on Android cell phones and steals credit card details.
Full story: Yahoo! News: Security News...
Posted on 18 October 2010. Tags: Amid, Bots, Full, Good, news, research, Security, shows, World
We may not make a lot of things in the USA anymore, but we still lead the world in botnets by a large margin according to volume 9 of Microsoft’s Security Intelligence Report, covering January through June of this year.
