A lot of major players in the anti-malware world issue periodic reports — very long .pdf files that not enough people have the time to read. News reporters jump on the reports, and write stories about the trends the researchers are seeing. They’re extensively reported. It isn’t a bad system. If by chance you read the original reports, you’ve probably noticed they’re getting better and more comprehensive.
Microsoft just made public a monster 232-page intelligence report on the state of security for the first half of 2009 with a load of historic perspective. It could just about serve as a textbook for a short course in security for the average Internet user.
McAfee also issued a nicely done Third Quarter Threats report.
Here are some highlights from the two that have been generating news:
— Microsoft’s monitoring of more than 400 million PCs (via Malicious Software Removal Tool) showed that 55.5 percent of attacks for the half year were aimed at unpatched vulnerabilities in Microsoft Office applications. Most of the holes the malware was targeting were in unpatched Office installations, some as old as 2003. In many cases, victims had upgraded their operating systems, but neglected Office updates. Other highly targeted applications were WinZip, Internet Explorer, Adobe Reader and RealPlayer.
— Software piracy results in infected computers because people running pirated operating systems don’t upgrade them. China, Brazil and France have higher piracy rates and fewer people who use Windows Update, Microsoft says.
— Web threats are getting worse. Distributed denial-of-service attacks for extortion are back, the proportion of spam in email has reached 92 percent and 13 million computers were taken over by bots in the quarter, according to McAfee. The U.S. is the country with the most bot-infected computers.
— There is a growing body of malware that tries to steal login credentials from online game players, including those who play Maple Story, Lineage and World of Warcraft. Malicious operators are after players’ virtual goods, which can be sold. Gamers are warned to avoid logging in on computers they can’t trust. They also are warned to avoid game cracks and cheats, since those are often Trojanized.
— The number of infections from worms has increased and there were 20 percent fewer infections from rogue security software.
Want more details?
Microsoft Security Intelligence Report Vol. 7 January through June 2009 here.
Third Quarter 2009 McAfee Threats Report here.
Tom Kelchner
Update: November 5
An excellent point:
From: M D Meridian
Long story short: Windows update is NOT the same as Microsoft update.
Microsoft update gets you Windows AND Office updates; Windows update gets you only Windows updates.
Even Microsoft sometimes, much too often, uses one term for the other, and vice versa.
Clear this up with users and a lot of the “neglect” will go away.
Yes, I learned this the hard way.
cordially, md