It was early this week when Microsoft released its latest volume of the Security Intelligence Report, or SIR. This report, Microsoft noted, “exposes the threat landscape of exploits, vulnerabilities, and malware”, aiming to “help you protect your organization, software, and people.”
SIR volume 11 has a lot more findings, insights, and observations from the the first half of 2011. Below are just some facts and figures from the report that are worth noting for future reference and study:
- More than 1/3 of malware detected (ab)use the AutoRun feature in Windows. These malware spread via removable drives and network drives.
- Exploits that take advantage of flaws in Java, the OS itself, and HTML/JScript were most prevalent from Q3 of 2010 to Q2 of 2011. The volume of exploits targeting Adobe Flash increased by more 40 times compared to the volume seen in Q2 of this year.
- Adobe Reader and Acrobat are the most affected software for document format exploits. No surprise here.
- Windows XP SP3 (client) and Windows Server 2033 SP2 (server) are the OSs with the highest infection rates.
- Adware, software that were deemed potentially unsafe, and Trojans are the most prevalent threats that were detected on systems. An example of this threat is FakeRean.
- There was a 71.97 percent decrease of spam volume from July 2010 to June 2011 due to the takedowns of the Pushdo/Cutwail and Rustock botnets.
- Phishers are now targeting social networks more than financial institutes.
The .PDF copy of SIR is available and can be downloaded here. If you’re interested in backtracking previous volumes, Microsoft has made them available in their library page.
Stay informed, everyone!