‫ Microsoft Security Intelligence Report (2nd section)

IRCRE201406167

Date: 2014-05-09

Volume 16 of the Microsoft Security Intelligence Report (SIRv16) provides in-depth perspectives on software vulnerabilities, software vulnerability exploits, malicious and potentially unwanted software, and security breaches. Microsoft developed these perspectives based on detailed trend analysis over the past several years, with a focus on third and fourth quarters of 2013.You can see the second section of the report in the following post.

Malware and Potentially Unwanted Software

The information in this section was compiled from telemetry data that was generated from more than 1 billion computers worldwide and some of the busiest services on the Internet.

Global Infection Rates

The following table shows the locations with the most computers reporting malware detections in 2H13.


 

The new threats Win32/Rotbrow and Win32/Brantall were among the top 10 families in 4Q13 in all of these locations except China, and the newly active family Win32/Sefnit was in the top 10 in all of these locations except Brazil, Russia, and China.

Of these locations, Brazil and France were the only ones that experienced encounter rate increases between 1H13 and 2H13. Brantall (encountered by 11.47 percent of reporting computers in Brazil in 4Q13) and Rotbrow (9.82 percent) were particularly prevalent in Brazil in 4Q13.

 

Operating System Infection Rates

The following figure shows the infection rate for each Windows operating system/service pack in 3Q13 and 4Q13.


This data is normalized; that is, the infection rate for each version of Windows is calculated by comparing an equal number of computers per version (for example, 1,000 Windows XP SP3 computers to 1,000 Windows 8 RTM computers).

As in previous periods, infection rates tend to be significantly lower on server platforms than on client platforms. Servers are not typically used to browse the web nearly as frequently as client computers, and web browser features such as Enhanced Security Configuration in Internet Explorer discourage using servers to visit untrusted websites.

Rogue Security Software

Rogue security software, is software that appears to be beneficial from a security perspective but provides limited or no security, generates erroneous or misleading alerts, or attempts to lure users into participating in fraudulent transactions.

The following figure shows trends for the most common rogue security software families encountered in in 2H13, by quarter.


 
Email Threats
Spam Messages Blocked

The information in this section of the Microsoft Security Intelligence Report is compiled from telemetry data provided by Microsoft Forefront® Online Protection for Exchange (FOPE), which provides spam, phishing, and malware filtering services for thousands of Microsoft enterprise customers that process tens of billions of messages each month.

The following figure shows messages blocked by Exchange Online Protection in 2013, by month.


 

Blocked mail volumes in 2H13 were consistent with 1H13. The dramatic decline in spam observed since 2010 has occurred in the wake of successful takedowns of a number of large spam-sending botnets, notably Cutwail (August 2010) and Rustock (March 2011). In 2H13, Exchange Online Protection determined that about 1 in 4 email messages did not require blocking or filtering, compared to just 1 in 33 messages in 2010.

 

Spam Types

 

The Exchange Online Protection content filters recognize several different common types of spam messages. The following figure shows the relative prevalence of the spam types that were detected from July to October 2013.


Advertisements for non-sexual pharmaceutical products accounted for 43.1 percent of the messages blocked by Exchange Online Protection content filters in 2H13, a slight increase from 42.7 percent in 1H13.

Spam messages associated with advance-fee fraud (known as 419 scams) accounted for 14 percent of messages blocked, down slightly from 15.5 percent in 1H13.

Related Link:

Microsoft Security Intelligence Report (1st section)

Reference:

http://www.microsoft.com/security/sir/default.aspx

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 19 خرداد 1393

دسته‌ها

امتیاز

امتیاز شما
تعداد امتیازها:0