Microsoft has recently published the latest version of the Security Intelligence Report v14 (http://microsoft.com/sir) focusing on software vulnerabilities, software vulnerability exploits, and malicious and potentially unwanted software during the third and fourth quarter of 2012. Please allow me to share a few highlights from the report.

Use an up-to-date antimalware

Computers with a real-time antimalware protection were on average 5.5 times less likely to report malware infections than those without. On top of that, 25% of computers worldwide (or 270 million computers) were not protected by up-to-date antivirus software. Microsoft offers for free its antimalware Microsoft Security Essentials for people using a genuine Windows. Windows 8 comes with a built-in antimalware called Windows Defender. Other consumer security solutions can be found here: http://www.microsoft.com/windows/antivirus-partners.
clip_image002

 

Deploy security updates for all your software

The following graph shows the vulnerability disclosures for Microsoft and non-Microsoft products, emphasizing that when you deploy security updates you should pay attention to not only Microsoft software but also to other software from third parties.

image

 

Top exploits: Java, HTML/JavaScript, documents, then OS

Top exploits include Java, HTML/JavaScript, then Documents (most of which for Adobe Reader and Adobe Acrobat), then Operating Systems.
clip_image006

A world view

SIR v14 provides a heat-maps that show the infection rates in locations around the world in computers cleaned per mille (CCM), which represents the number of reported computers cleaned for every 1,000 executions of the Microsoft Malicious Software Removal Tool (MSRT). Here is the one for Q4 2012:
clip_image008

As you can see, the Gulf region is having a greater proportion of cleanings of malware supported by MSRT than the worldwide average (keep in mind though that MSRT only cleans a subset of all malware listed in Microsoft Malware Encyclopedia.)

image

I want here to underline that the State of Qatar was the least infected country in the Middle-East at the end of 2012

which is a very encouraging result when you realize that the Security Intelligence Report was ranking Qatar as the worst in the world regarding malware infections in the year 2011. This improvement is the reward of the great work done by the Supreme Council of Information and Communication Technology, and ictQATAR’s Qatar Computer Emergency Response Team (Q-CERT). Congratulations!

Use modern software and file formats

The more recent your Windows is, the less likely the infections.

image

Retire Windows XP now

See above how Windows XP was the most infected Windows. If you add on top of that the termination of Windows XP on April 8th, 2014, I hope it’s a clear case to retire Windows XP as soon as possible.

Next I’ll cover targeted attacks by determined and persistent human attackers. Stay tuned.