Geekzone: technology news, blogs, forums
Microsoft Security Intelligence Report puts “Zero-Day” threat into context
Posted on 12-Oct-2011 09:13. | Tags Filed under: News.

Microsoft Corp. released the Microsoft Security Intelligence Report volume 11 (SIRv11), which found that less than 1 percent of exploits in the first half of 2011 were against zero-day vulnerabilities — software vulnerabilities that are successfully exploited before the vendor has published a security update or “patch.”

In contrast, 99 percent of all attacks during the same period distributed malware through familiar techniques, such as social engineering and unpatched vulnerabilities. In the report, Microsoft highlights the fact that some of the more common threats can be mitigated through security best practices.

SIRv11 further revealed that user interaction, typically employing social-engineering techniques, accounts for nearly half (45 percent) of all malware propagation in the first half of 2011. In addition, more than a third of all malware is spread through cybercriminal abuse of Win32/Autorun, a feature that automatically starts programs when external media, such as a CD or USB drive, are inserted into a computer. Ninety percent of infections that were attributed to vulnerability exploitation had a security update available from the software vendor for more than a year.

“We encourage people to consider this information when prioritizing their security practices,” said Vinny Gullotto, general manager, Microsoft Malware Protection Center. “SIRv11 provides techniques and guidance to mitigate common infection vectors, and its data helps remind us that we can’t forget about the basics. Techniques such as exploiting old vulnerabilities, Win32/Autorun abuse, password cracking and social engineering remain lucrative approaches for criminals.”

In the report, Microsoft includes prescriptive guidance to help educate people about commonly known social-engineering techniques, how to create strong passwords and how to manage security updates. In addition, Microsoft provides insight into reducing Win32/Autorun abuse with updates released earlier this year for Windows XP and Windows Vista (Windows 7 already included these updates) that prevent the Win32/Autorun feature from being enabled automatically for most media. Within four months of issuing the update, the number of infections from the most prolific Win32/Autorun-abusing malware families was reduced by almost 60 percent on Windows XP and by 74 percent on Windows Vista in comparison to 2010 infection rates.

“The insight about global online threats, including zero-days, from SIRv11 helps our mutual customers better prioritize defenses to more effectively manage risk,” said Brad Arkin, senior director, product security and privacy at Adobe. “It also provides a good reminder on the importance of keeping systems up to date with the latest security protections.”

Microsoft says the company advocates a multifaceted approach to managing risk, including building products and services with security in mind. Industry-disclosed vulnerabilities have dropped approximately 24 percent since July 2010 and have been trending down during the past five years.

The company also suggested considering cloud services, because in a cloud-computing environment, the cloud vendor manages many of the security processes and procedures required to keep a system up to date, including the installation of security updates. Businesses and consumers constrained in managing the security of their computing environment can leverage cloud services to help offload portions of their security management.

“Organizations can choose to leverage the cloud to help ensure the services they use have the most up-to-date security protections. Cloud providers, such as Microsoft, are resourced to focus on security,” said Adrienne Hall, general manager, Microsoft Trustworthy Computing. “In transitioning the management of a portion of security functions, resources are freed up to focus on other areas of security or on different IT projects altogether.”
