Microsoft Security Intelligence Report Vol.7

Microsoft has just release their latest security Intelligence Report. The Security Intelligence Report covers the time period 2009 from January through June. Data used in this report comes from over 450 million computers worldwide, each running Windows. But additional data originates from Windows Live Hotmail and Bing; those busy applications on the Internet.

This report provides a detailed look at the threat landscape. But it is also provides a working guidance for IT professionals to help mitigate these threats. The analysis comes from the three Microsoft Trustworthy Computing Security Centers as well as several Microsoft product groups.


What you get in Volume 7 is an in-depth perspective on malicious and potentially unwanted software. They also cover software exploits, security breaches and software vulnerabilities. These can be found in Microsoft software and also in third-party software. The perspectives come from a detailed analysis steming from the past several years. The current focus is on the first half of 2009.

Threat Incidents World Wide

These are threat categories worldwide and in the eight locations with the most infected computers, by incidence among all computers cleaned by Microsoft desktop anti-malware products.

Infection Rate By Country

Infection Rate By Country

These images are part of the wide range of detailed analysis that is provided by the document, which by the way is over 230 pages in length.

Some Key Findings

The following list only highlights some of the findings that can be found in the report.

Malicious and Potentially Unwanted Software
In the 1st Half 2009 there worm infections increased and were detected in many countries and regions worldwide.

Operating System Trends
Windows Vista had infection rates that were considerably lower than for Windows XP in all configurations in the 1st Half of 2009.

Analysis of Phishing Sites
Phishing rose significantly in the 1st Half of 2009, and was due to a large increase in phishing attacks targeting social networking sites.

Geographic Distribution of Phishing Sites
While phishing sites are concentrated in a few geographic locations, they were detected in many places around the world. According to Microsoft phishing sites were found on every inhabited continent and in 46 of the 50 U.S. states.

E-Mail Threats
FOPE, the Forefront Online Protection for Exchange was busy blocking 97.3 percent of all messages received at the network edge during the 1st Half 2009, up from 90.0 percent in 2nd Half 08. Overall, FOPE blocked close to 98 percent of all messages received.

Automated SQL Injection Attacks
SQL injection was a database compromising tool which is used to damage or steal data located in databases. They target databases that use Structured Query Language (SQL). The SQL injection used syntax to control information storage and retrieval. This technique was observed during the 1st Half 09.

Analysis of Drive-By Download Pages
Drive-by download pages are hosted on compromised legitimate Web sites. But attackers gain access to these legitimate sites through intrusion or surrepitiously when they post malicious code into Web form, such as a comment field on a blog that is not secured very well.

Industry-Wide Vulnerability Disclosures
The total unique vulnerability disclosures that occured around the industry dropped sharply in the 1st Half of 2009, down 28.4 percent from the 2nd Half 08.

Microsoft Vulnerability Details for 1st Half 09
In the 1st Half 09 Microsoft announced and released 27 security bulletins. These addressed close to 90 individual common vulnerabilities, and exposures–identified vulnerabilities.

Regional Variations in Update Service Usage
The use of Microsoft online update services varied around the world due in part to a number of factors. Some having to do with broadband and Internet connectivity, others involved software piracy, and a percentage of computers that were managed in enterprise environments.

Security Breach Trends
For all of the malware and other malicious software that was reported in the 1st half of 2009, the top category for data loss continued to be stolen equipment, such as laptop computers (this was about 30 percent of all data-loss incidents reported.) This accounted for twice as many incidents as intrusion.

Source: Microsoft Security Intelligence Report volume 7 (January – June 2009)

Subscribe & Connect

Share This Post: 

Subscribe to our e-mail newsletter for updates:

, , ,

One Response to Microsoft Security Intelligence Report Vol.7

  1. Anonymous April 10, 2010 at 9:54 am #

    Last month was also the first time since the launch of Windows 7 Product Key that Windows Vista lost more market share than Windows XP. Even so, XP has slid 75% more than Vista in the last three months, not surprising since the eight year old and rapidly ageing OS is the most popular on the planet by a large margin, making it more likely that people are replacing XP instead of Vista with Windows 7. However since Windows 7 has been released, XP has dropped more than twice as much as Vista’s market share.

Leave a Reply