Microsoft released the newest Security Intelligence Report, which focuses on trends in malicious software and other computer threats in the first half of 2009 (January through June).
The report uses data collected from several hundred million Windows users and some of the busiest online services on the Internet, including Windows Live Hotmail and Bing.
Download the report.
Higlights in the SIR v7 include:
· Worm infections are growing.
· Rogue security software continues to be a major threat.
This map shows regional infection rates based on the number of infected computers discovered per 1000 executions of the Malicious Software Removal Tool.
For more information or to past reports, go to Learn about the Microsoft Security Intelligence Report.
Security experts are seeing an increase in spam in Hotmail, Gmail, and other Web mail accounts. Increasingly, the spam appears to be coming from people that the victims know. Researchers suspect that cybercriminals are stealing passwords and other account information through fraudulent e-mail scams and then using these new accounts to send spam to everyone in the victim’s inbox.
To help protect yourself from these scams, follow these three steps:
1. Guard your own account information.
2. Learn to recognize phishing scams in case the scams look like they’re coming from someone that you know.
3. Be careful with links in e-mail. They may direct you to spoofed Web sites.
If you think your Web e-mail account has been hacked, change your password. If you’re still having problems, see What to do if you’ve responded to a phishing scam for more steps to take.
For additional information, see the following articles:
· 5 tips to help keep your passwords secret
· How to reduce the risk of online fraud
· Scams that use Microsoft’s name or product names
· Avoid Advance Fee Fraud and other lottery scams
· Help protect your Windows Live ID
Windows 7, the newest operating system from Microsoft, simplifies computer security, making it easier for you to reduce the risk of viruses, spyware, and other malware. In addition, the improved backup solution helps keep information safe on your computer and in the cloud.
Read about the new and improved safety, security, and privacy features in Windows 7.
· Backup and Restore – The Microsoft backup system is improved for Windows 7 and creates copies of your most important personal files, so you're always prepared for the worst.
· BitLocker - Improved for Windows 7 and available in the Ultimate edition, BitLocker Drive Encryption encrypts your Windows hard disk drive to help keep documents, passwords, and other important data safe. Once you turn on BitLocker, any file you save on that drive is encrypted automatically.
· Parental Controls - In Windows 7, Parental Controls help you limit how much computer time children have, in addition to which programs and games they can use and when they can use them.
· Windows Defender – Included in Windows 7, this program is your first line of defense against spyware and other unwanted software.
· Windows Firewall - Windows Firewall can help protect your PC from hackers and malicious software. In Windows 7, it's powerful and more flexible and easier to use than before.
Want the latest news on Windows 7? Read the Windows 7 Blog.
Microsoft releases security updates on the second Tuesday of every month. Today Microsoft released 13 new security updates.
Get the updates
To download the updates, visit the Microsoft Update Web site. If you have automatic updating turned on, your computer will update and install these security updates.
Read more about the updates.
Watch a video about the updates.
Get technical information about the updates
For technical details, visit Microsoft TechNet.
Malvertising might sound like a fancy kind of dry cleaning, but it’s really fake online advertising designed to trick you into downloading malicious software onto your computer. The most common kind of fake ad is for security software that you don’t need and that could harm your computer. This is often called “rogue security software” or “scareware.”
This month Microsoft continued its efforts to combat malvertising by filing five civil lawsuits against companies who allegedly create these fake ads.
For more information about the lawsuits, see BadAd: Going After the Malvertising Threat and Microsoft Advertising and Internet Safety Enforcement Team To Fight Malvertisers.
To help protect yourself against malvertising or scareware:
- Install a firewall and keep it turned on.
- Use automatic updating to keep your operating system and software up to date.
- Install antivirus and antispyware software such as Microsoft Security Essentials and keep it updated.
- If your antivirus software does not include antispyware software, you should install a separate antispyware program such as Windows Defender and keep it updated. (Windows Defender is available as a free download for Windows XP and is included in Windows Vista.)
- Use caution when you click links in e-mail messages or on social networking Web sites.
- Familiarize yourself with common phishing scams.
October is National Cyber Security Month and Microsoft is teaming up once again with the National Cyber Security Alliance (NCSA) to help increase awareness about Internet security issues. The goal of our online materials is to help you educate yourself, your families, your friends, your students, your employees, or your community.
To help protect your computer, follow these steps:
· Turn on your Internet firewall.
· Keep all your software current (including your Web browser) with automatic updating.
· Install and maintain antivirus software and antispyware software, such as Microsoft Security Essentials.
· Only install software from a company that you trust. Watch out for fake antivirus or antispyware software.
For more information, see Stay safer online for National Cyber Security Month or visit the NCSA Web site.
There’s another scam making the rounds that promises to deliver an urgent security update from Microsoft. These e-mail messages attempt to lure you to Web sites to download spyware or other unwanted software. They may also include a file attachment that contains a virus.
Microsoft does not send unsolicited communications about security updates
Microsoft sends e-mail messages to subscribers of our security communications when we release information about a security software update or security incident, but these messages will not contain attachments.
How to help verify the legitimacy of a security-related e-mail
· Legitimate notifications do not include software updates as attachments. We never attach software updates to our security communications. Rather, we refer customers to our Web site for complete information about the software update or security incident.
· Legitimate notifications are also on Microsoft.com. We never send notices about security updates or incidents until after we publish information about them on our Web site. Check the Microsoft Security Updates page to see whether the information is listed there.
For more information see Scams that use the Microsoft name or product names.
To help protect your computer from spyware, viruses, and other malicious software, download Microsoft Security Essentials.
Today marks the launch of Microsoft Security Essentials, a new, no-cost security software for your computer. Security Essentials can help you defend against viruses and spyware, including Trojans, worms, and other malicious software.
One of the best parts about Microsoft Security Essentials is how easy it is to get and keep your PC protected. After a quick, hassle-free install, it works quietly in the background to keep your computer protected and alerts you only when you need to take action.
For more information or to download, see Microsoft Security Essentials.
Already have Microsoft Security Essentials and looking for help? Check out Microsoft Answers.
If you receive an e-mail message that tells you that you have won the Microsoft Lottery or any lottery, delete the message. There is no Microsoft Lottery. There are other lotteries, of course, but if you don’t remember entering them, then the e-mail message is probably a scam.
This type of scam is designed to convince you to send cyber criminals money or to hand over your personal information in advance of receiving your prize. That’s why this scam is sometimes called Advance Fee Fraud.
For more information about Advance Fee Fraud or how Microsoft is working with Western Union and The United States Postal Inspection Service to help you avoid this scam, see Avoid Advance Fee Fraud and other lottery scams.
For more information about other kinds of fraud, see How to reduce the risk of online fraud.
These days our online lives look a lot like our offline lives. We hang out with our friends. We shop. We’re entertained. So, just as you wouldn’t leave your house without your driver’s license or other identification card, it makes sense that you need a similar information card to use online.
Windows CardSpace helps you control your digital identity, which helps make online activities (like shopping and social networking) safer and more efficient.
To learn more, see What is Windows CardSpace?
Or watch Windows CardSpace in action on their demo page.
Ready for Windows CardSpace? Get it now.
Microsoft releases security updates on the second Tuesday of every month. Today Microsoft released 5 new security updates.
Get the updates
To download the updates, visit the Microsoft Update Web site. If you have automatic updating turned on, your computer will update and install these security updates.
Read more about the updates.
Get technical information about the updates
For technical details, visit Microsoft TechNet.
Back in February we talked about how to help protect your personal information on the social networking site, Facebook. Since then Facebook has grown exponentially and the one truism about computer security is that cyber criminals follow the crowds.
We’ve heard about lots of scams on Facebook, ranging from spam sent out from accounts without the owner’s knowledge, to stolen personal information (identity theft).
Fortunately, Facebook has some great resources available to help. If your account has been hacked or if you think a friends account has been hacked, check these resources first:
· Facebook security
· Security: Account was hacked or “phished”
· Facebook security tips
You can also get some general advice on how to avoid phishing scams and other online fraud here:
· Reduce the risk of online fraud
· Scams that promise money, gifts, or prizes
· How to handle suspicious e-mail
Bing is the new decision engine from Microsoft. A decision engine is like a search engine that harnesses the information on the Web to help you make better decisions about things like travel reservations, shopping online, your health, and more.
If you use Bing on a public computer or on your family’s shared computer and you don’t want others to know what you were searching for, you can control your search history. Sure, you can use this for nefarious purposes, but you might also want to hide your search history so your loved one doesn’t know that you’ve been using Bing to get the best deal on a birthday gift.
To learn more about search history and how you can view it, pause it, turn it off, or clear it, see See your search history.
If you’re using a different search engine, learn how to use your browser to delete search history.
Do you get your operating system updates from Microsoft Update? Did you know that you can update your Microsoft Office programs at Microsoft Update too?
That’s right, you don’t have to use Office Update to update Microsoft Word, Microsoft Excel, Microsoft PowerPoint, and all your other Microsoft Office programs.
In fact, starting August 1, 2009, Microsoft discontinued support for Office Update and the Office Update Inventory Tool. To continue getting the latest updates for Microsoft Office products, use Microsoft Update.
Your best bet: Automatic updating
If you don’t want to waste time trying to figure out where to go, just use automatic updating. You’ll get all the updates for Microsoft Office and for your operating system and you don’t have to think about it.
For more information, see About Microsoft Office Update: Frequently Asked Questions.
Microsoft releases security updates on the second Tuesday of every month. Today Microsoft released 9 new security updates.
Get the updates
To download the updates, visit the Microsoft Update Web site. If you have automatic updating turned on, your computer will update and install these security updates.
Read more about the updates.
Watch a short video about the updates.
Get technical information about the updates
For technical details, visit Microsoft TechNet.
