Microsoft Security Intelligence Report is published
Published today (Wednesday 8th April) the Microsoft Security Intelligence Report for the second half of 2008 confirms the recent growth of scareware. Microsoft say that in November 2008 over the course of ten days the Malicious Software Removal Tool (MSRT) purged almost one million PCs of bogus anti-virus programs. The top ten threats encountered on Windows PCs include the scareware families FakeXPA and FakeSecScan.
In September Microsoft took legal action against unknown parties, suppliers of scareware products "Antivirus 2009", "Malwarecore", "WinDefender", "WinSpywareProtect" and "XPDefender"
Significantly, it seems that despite the increase in software attacks such as phishing and botnets the most common cause of security problems is lost or stolen equipment, otherwise there are no surprises in the report. It notes that about 90 per cent of the vulnerabilities in the second half of 2008 were discovered in applications and in web browsers and Microsoft interpret this as a sign of the increasing safety of their operating systems. However there was the, now well known, vulnerability in the Windows Server service in October 2008 - the hole that Conficker exploited and has continued to exploit so effectively.
The full 184 page report is available for download: Microsoft Security Intelligence Report Volume 6
- Microsoft clears 1 million PCs of fake anti-spyware, a report from The H.
- Washington and Microsoft sue fake anti-spyware vendors, a report from The H.
- Thieves and charlatans, a feature on Rogue anti-virus products from The H Security.
- The H Security Conficker information site, general reference on Conficker from The H.