Microsoft released their Security Intelligence Report for the second half of 2009. The report is an analysis detailing the software exploits, security breaches and malicious activity affecting Windows.
The report provides an interesting insight into the whole Windows and security discussion. A couple of days back a hacker claimed that Microsoft is more secure than Apple. While that statement might be up for debate, Windows is definitely getting safer.
The following chart is an indicator of how the different Windows versions have fared:
Points to note:
- Windows 7 and Windows Vista 64-bit versions have the lowest infection rates
- Service Packs have greatly reduced the infections
So what reasons did Microsoft find for these infections?
Up until the second half of 2009, according to Microsoft, users losing their devices was a big reason for security breaches. It seems that people have become smarter and probably features like BitLocker and BitLocker To Go have done what was expected.
As for hacks and malware infections, the following chart details whether these are due to the OS or to applications, and how much of a role browsers play in your machine getting infected:
This is an interesting chart for two reasons:
- Application vulnerabilities outnumber OS and even browser vulnerabilities.
- While browser and OS cases have remained constant, application vulnerabilities have fallen over the past year.
I mentioned earlier that Windows is getting safer. While this has a lot to do with the OS and features like BitLocker, Microsoft code has also been targeted through browser vulnerabilities much less since Vista. Two pie charts explain what I mean:
Browser-based exploits that targeted Microsoft & 3rd party software
|Windows XP||Windows Vista and Windows 7|
The charts say more about Windows and other Microsoft code being more secure than about which browser is used; of course, Internet Explorer 6 comes bundled with Windows XP. Getting more specific about browser vulnerabilities, according to the report, in Windows Vista and Windows 7, the Adobe Reader plugin had the highest vulnerability. The vulnerability CVE-2009-0927 affected Adobe Reader 9.
The notorious Conficker worm ranked 5th according to Microsoft’s anti-malware products’ detections on desktops. The top 10 malware according to Microsoft:
A couple of weeks back Microsoft made its intentions regarding Windows security clear when they got the Waledac botnet shut down. Some other botnets that are affecting Windows users that Microsoft might go after are:
Some other highlights of the report are:
- Trojans constitute more than 30% of threats worldwide.
- The US and UK have similar threat patterns.
- The threats that affect China are contained within China and aren’t on the list of top threats for other countries.
- More than 126 million malicious samples were detected in the second half of 2009.
- Microsoft products cleaned 7.8 million computers affected by rogue anti-malware programs.
- Computers that were a part of a domain were more likely to be infected compared to those that weren’t.
- Email spam claiming you as a winner of large sums of money increased significantly.
- Microsoft Security Essentials was a reason for the increase in the number of computers cleaned.
Having talked about the security exploits, what should you as a user do to protect yourself?
- Make use of features like BitLocker To Go
- Have UAC enabled
- Use anti-malware programs (Microsoft Security Essentials is a free alternative from Microsoft)
- Avoid using pirated protection programs
- Keep Windows updated and use original software.