MalwareIntelligence is a site dedicated to research on all matters relating to anti-malware security, computer criminology and information security in general, always from a perspective closely related to the field of intelligence.


State of security according to Microsoft

The latest Microsoft Security Intelligence Report, which provides statistical data obtained between January and June of last year, offers rather interesting data about the current state of security worldwide.

The report details, always from the point of view of Microsoft's specialists, the vulnerabilities found at the different levels of technology that need an adequate level of protection. While it does not differ much from what many of us can already see, it is a good starting point for developing more effective security strategies.

According to the report, the trend in vulnerabilities decreased by 23% during the semester in question in relation to the year 2007, and over 90% of these vulnerabilities affected applications. Similarly, 32% of the vulnerabilities in Microsoft applications had public exploit code available on the Internet.

Among browser-based vulnerabilities, 42% were on WinXP platforms while, by a wide margin, only 6% exploited Vista. However, no more than 50% of the 10 most critical vulnerabilities affected XP and Vista.

Although the picture Microsoft presents in this report is positive given the decline in the percentages mentioned above, it is worth pausing on one point that remains a concern even today: the lack of updates on computers. In fact, this was already mentioned in the discussion of the most common security violations.

Looking closely at the figure, we see that the five vulnerabilities exploited on XP are:
  • MS06-014 (MDAC_RDS). Critical; resolved in April 2006.
  • MS06-071 (MSXML_setRequestHeader). Critical; resolved in November 2006.
  • MS06-057 (WebViewFolderIcon). Critical; resolved in October 2006.
  • MS06-067 (DirectAnimation_KeyFrame). Critical; resolved in November 2006.
  • MS06-055 (VML). Critical; resolved in September 2006.
All of them are vulnerabilities rated critical and resolved in 2006 that were exploited, and are likely still being exploited :-( on computers in 2008, two years later.

This is really worrying, because it completely exposes the lack of responsibility and awareness of the problem caused by failing to update, at both the client and the server level.

The report also covers the threat of malicious code, explaining that Microsoft's antivirus solution, called the MSRT (Malicious Software Removal Tool), removed more than 30% of malware worldwide, where the infection rate was dominated by two families of malware that this tool detects as Win32/Zlob and Win32/Renos. A closer look at Win32/AntivirusXP explains the relationship between Renos and AntivirusXP.

Another very interesting fact to consider is which countries had the highest infection rates and which malware dominated in each. The countries are:
  • Brazil: where more than 60% of the computers were compromised by some kind of malicious code, predominantly banker-type Trojans.
  • China: where potentially unwanted applications such as adware dominated, especially those able to hijack the browser (browser hijacking).
  • Italy: where adware also dominated, infecting computers through P2P network clients and toolbars.
  • Korea: where, again according to Microsoft, the highest infection rate was caused by viruses like chips and ducklings through P2P networks.
  • Spain: where worms were the biggest threat, with the highest infection rate.
  • USA: where Trojans of the Zlob family abounded.
With regard to the above, I must admit that what I find particularly remarkable is that Korea has had a significant infection rate caused by classic viruses, since this type has been losing ground over time and now represents only a fraction of the significant amount of malware that spreads worldwide.

As far as malware spread through e-mail is concerned, the report also shows that 97.8% of the attachments blocked in Exchange Server were .html and .zip files. That is, most of the malicious code spread via email has one of these two file extensions.

Finally, phishing attacks and spam did not escape the report. It shows that:
  • 71.4% of spam was for pharmaceutical products such as Viagra, Cialis and other drugs,
  • 9.6% dealt with issues relating to the securities market,
  • 8.6% was explicit material,
  • and the remainder was split between phishing (2.5%), online casinos (3.8%), software sales (1.1%), scams (1.1%) and something we have been seeing since the beginning of 2008, fraudulent higher-education diplomas (1.9%).
However, malicious code is and will remain one of the most important threats to the security of users at every level and of companies, as will all the threats outlined in this document in general, so the next report will surely yield another handful of "juicy" data.

Jorge Mieres
