‫ Microsoft Security Intelligence Report (2nd section)

Date: 2013-11-17
Volume 15 of the Microsoft Security Intelligence Report (SIRv15) provides in-depth perspectives on software vulnerabilities, software vulnerability exploits, malicious and potentially unwanted software, and security breaches. Microsoft developed these perspectives based on detailed trend analysis over the past several years, with a focus on first and second quarters of 2013.You can see the second section of the report in the following post.
Malware and Potentially Unwanted Software
The information in this section was compiled from telemetry data that was generated from more than 1 billion computers worldwide and some of the busiest services on the Internet.
Global Infection Rates
The following table shows the locations with the most computers reporting potentially unwanted software detections in 1H13.
The potentially unwanted software rate for the United States declined more than 25 percent from 2H12 to 1H13. Encounter rates for the adware families Win32/Hotbar and Win32/GameVance and the potentially unwanted software family Win32/Keygen trended downward from quarter to quarter, which influenced this drop.
Computers in Russia experienced reduced encounter rates for Win32/Pameseg, which drove a decrease of more than 15 percent between 2H12 and 1H13.
Operating System Infection Rates

The following figure shows the infection rate for each Windows operating system/service pack in 2Q13.

This data is normalized; that is, the infection rate for each version of Windows is calculated by comparing an equal number of computers per version (for example, 1,000 Windows XP SP3 computers to 1,000 Windows 8 RTM computers).
As in previous periods, infection rates for more recently released operating systems and service packs tend to be lower than infection rates for earlier releases, for both client and server platforms. Encounter rates also tend to be significantly lower on server platforms than on client platforms.
Rogue Security Software
Rogue security software, is software that appears to be beneficial from a security perspective but provides limited or no security, generates erroneous or misleading alerts, or attempts to lure users into participating in fraudulent transactions.
The following figure shows trends for the most common rogue security software families encountered in 1H13.
Email Threats
Spam Messages Blocked
The information in this section of the Microsoft Security Intelligence Report is compiled from telemetry data provided by Microsoft Forefront® Online Protection for Exchange (FOPE), which provides spam, phishing, and malware filtering services for thousands of Microsoft enterprise customers that process tens of billions of messages each month.
The following figure shows messages blocked by Exchange Online Protection, July 2012–June 2013.
Blocked mail volumes in 1H13 were consistent with 2H12. The dramatic decline in spam observed since 2010 has occurred in the wake of successful takedowns of a number of large spam-sending botnets, notably Cutwail (August 2010) and Rustock (March 2011).17 In 1H13, Exchange Online Protection determined that about 1 in 4 email messages did not require blocking or filtering, compared to just 1 in 33 messages in 2010.
Spam Types
The Exchange Online Protection content filters recognize several different common types of spam messages. The following figure shows the relative prevalence of the spam types that were detected in 1H13.
Advertisements for non-sexual pharmaceutical products accounted for 42.7 percent of the messages blocked by Exchange Online Protection content filters in 1H13, a slight decrease from 43.8 percent in 2H12.
Spam messages associated with advance-fee fraud (so-called 419 scams) accounted for 15.5 percent of messages blocked, a slight increase from 14.3 percent in 2H12.
Related Link:


بدون نظر
شما برای نظر دادن باید وارد شوید


تاریخ ایجاد: 26 آبان 1392



امتیاز شما
تعداد امتیازها:0