Microsoft Report Reveals Resurgence of Worms
3
Microsoft Report Reveals Resurgence of Worms; Rogue Security Software Still Top Threat The latest Security Intelligence Report also highlights success with customer disinfection rates and software update diligence. REDMOND, Wash. Nov. 2, 2009 Microsoft Corp. today released the seventh volume of the Microsoft Security Intelligence Report (SIRv7), which indicates that worm infections in the enterprise rose by nearly 100 percent during the first half of 2009 over the preceding six months. Rogue security software remains a major threat to customers; however, 20 percent fewer customers were affected by rogue infections during the past six months. In addition, the Zlob family of trojans, considere d a top threat two years ago, has drastically declined due to Microsoft’s work to aggressively clean customer machines and customers’ diligence in applying software updates. SIRv7 provides a deep, accurate view of the threat landscape country by country. For the first time, this report shares security best practices from countries that have consistently exhibit ed low malware infection. These best practices and security intelligence provide a valuable resource for business leaders who need to make accurate decisions based on the threats that are most pressing today. “It’s been said that knowledge is power — and when it comes to security intelligence, a lack of accurate information can be detrimental to separating real threats from hype,” said Vinny Gullotto, general manager of the Microsoft Malware Protection Cen ter. “Microsoft is committed to providing not only security intelligence for our customers and the community, but also the most accurate and comprehe nsive view of the r ealities of the threat landscape.” The security intelligence contained in SIRv7 is collected through a broad community of customer s around the globe who share Microsoft’s goal of obtaining the most accurate view of the threat landscape. Reporting mechanisms for the Microsoft Security Intelligence Report are diverse and comprehensive, including Microsoft’s Malicious Software Removal Tool (MSRT), on 450 million computers worldwide; Bing, which performed billions of Web page scans during the past six months; Windows Live OneCare and Windows Defender, operating on more than 100 million computers worldwide ; Forefront Online Protection for Exchange and Forefront Client Security, scanning billions of e-mail messages yearly; and Windows Live Hotmail, operating in more than 30 countries with hundreds of millions of active e-mail users. Top Global Trends Ten years after Melissa appeared and defined mass-mailing worms as a class of malicious threats, worm infections have resurged to become the second most prevalent threat for enterprises in the first half of 2009. Worms rely heavily on access to unsecured file shares and removable storag e volumes, both of which are plentiful in enterprise environments. According to SIRv7, the following were the top two families detected: • Conficker was the top worm threat detected for the enterprise, because its method of propagation works more effectively within a firewalled network environment. Conficker is not in the top 10 for consumers, because home computers are more likely to have automatic updating enabled. This further reiterates the need for enterprises to have a robust security update management program in place. • Taterf, with detections up 156 percent since the second half of 2008, targets massively multiplayer online role-playing games (MMORPGs). These attacks rely less on social engineering to spread, and
-
Upload
yasir-ahmed -
Category
Documents
-
view
218 -
download
0
Transcript of Microsoft Report Reveals Resurgence of Worms
8/8/2019 Microsoft Report Reveals Resurgence of Worms
http://slidepdf.com/reader/full/microsoft-report-reveals-resurgence-of-worms 1/3
Microsoft Report Reveals Resurgence of Worms;
Rogue Security Software Still Top Threat
The latest Security Intelligence Report also highlights success with customer disinfection rates and software update diligence.
REDMOND, Wash. —Nov. 2, 2009 —Microsoft Corp. today released the seventh volume of the
Microsoft Security Intelligence Report (SIRv7), which indicates that worm infections in the enterprise
rose by nearly 100 percent during the first half of 2009 over the preceding six months. Rogue
security software remains a major threat to customers; however, 20 percent fewer customers were
affected by rogue infections during the past six months.
In addition, the Zlob family of trojans, considered a top threat two years ago, has drastically declined
due to Microsoft’s work to aggressively clean customer machines and customers’ diligence in applying
software updates.
SIRv7 provides a deep, accurate view of the threat landscape country by country. For the first time,
this report shares security best practices from countries that have consistently exhibited low malware
infection. These best practices and security intelligence provide a valuable resource for business
leaders who need to make accurate decisions based on the threats that are most pressing today.
“It’s been said that knowledge is power — and when it comes to security intelligence, a lack of
accurate information can be detrimental to separating real threats from hype,” said Vinny Gullotto,
general manager of the Microsoft Malware Protection Center. “Microsoft is committed to providing not
only security intelligence for our customers and the community, but also the most accurate and
comprehensive view of the realities of the threat landscape.”
The security intelligence contained in SIRv7 is collected through a broad community of customers
around the globe who share Microsoft’s goal of obtaining the most accurate view of the threat
landscape. Reporting mechanisms for the Microsoft Security Intelligence Report are diverse and
comprehensive, including Microsoft’s Malicious Software Removal Tool (MSRT), on 450 million
computers worldwide; Bing, which performed billions of Web page scans during the past six months;
Windows Live OneCare and Windows Defender, operating on more than 100 million computers
worldwide; Forefront Online Protection for Exchange and Forefront Client Security, scanning billions of
e-mail messages yearly; and Windows Live Hotmail, operating in more than 30 countries with
hundreds of millions of active e-mail users.
Top Global Trends
Ten years after Melissa appeared and defined mass-mailing worms as a class of malicious threats,
worm infections have resurged to become the second most prevalent threat for enterprises in the
first half of 2009. Worms rely heavily on access to unsecured file shares and removable storage
volumes, both of which are plentiful in enterprise environments. According to SIRv7, the following
were the top two families detected:• Conficker was the top worm threat detected for the enterprise, because its method of propagation
works more effectively within a firewalled network environment. Conficker is not in the top 10 for
consumers, because home computers are more likely to have automatic updating enabled. This
further reiterates the need for enterprises to have a robust security update management program
in place.• Taterf, with detections up 156 percent since the second half of 2008, targets massively multiplayer
online role-playing games (MMORPGs). These attacks rely less on social engineering to spread, and
8/8/2019 Microsoft Report Reveals Resurgence of Worms
http://slidepdf.com/reader/full/microsoft-report-reveals-resurgence-of-worms 2/3
8/8/2019 Microsoft Report Reveals Resurgence of Worms
http://slidepdf.com/reader/full/microsoft-report-reveals-resurgence-of-worms 3/3
applications and customer-developed internal applications.
• Ensure that a customer’s development team is using the Security Development Lifecycle
(SDL),http://www.microsoft.com/sdl , or a similar software security assurance process.
• Ensure that policies are in place to help secure all file shares and regulate the use of removable
media. Install AutoPlay update to help regulate automatic initiation of potentially dangerous
removable media.A full list of Microsoft’s guidance, a downloadable version of SIRv7 and other related resources are
available at http://www.microsoft.com/sir.
