UPDATED 15:37 EDT / OCTOBER 11 2011

Microsoft Security Intelligence Report: Overlook the Zero-Days

Microsoft has released the eleventh edition of its Security Intelligence Report, covering the period January to June 2011. The report compares the effects of malicious programs that attack vulnerabilities for which no security update is available, known as zero-day attacks.

According to the report, zero-day vulnerabilities account for only 1% of the attacks observed worldwide. The remaining 99% of attacks exploit known vulnerabilities for which a fix is already available at the time of the attack. Zero-day exploits are the least of a company's concerns and are not a major threat to organizations.

“As part of SIRv11 (Microsoft Security Intelligence Report, volume 11), we conducted research to quantify exactly how pervasive the threat posed by zero-day attacks was in the first half of this year,” said Tim Rains, director of product management at Microsoft’s Trustworthy Computing Group. “We found that none of the most prevalent malware threats used zero day exploits to propagate in the first half of 2011, and less than one percent of attacks using exploits, leveraged zero-day vulnerabilities.”

Zero-day is a term that describes security concerns where an exploit is released before a software company has issued a security update.

Microsoft notes the appearance of malware that can brute-force passwords on infected systems, and more than a third of the malware seen by Microsoft still uses the Windows AutoRun feature to run automatically when an infected device is inserted into a system.

Phishing attack techniques accounted for nearly half (45 percent) of malware propagation in the first half of 2011. In addition, more than a third of malware is distributed through Win32/Autorun abuse. Nearly 90 percent of the damage done by attackers exploiting system vulnerabilities is due to security software that has not been updated for more than a year.

“I definitely don’t want to dismiss the significance of zero-day vulnerabilities, but SIRv11 does put them into perspective. It also draws attention to the other 99+ percent of attacks which occur as a result of things like social engineering, weak passwords and unpatched vulnerabilities,” Rains said.

Microsoft releases patches on the second Tuesday of every month. The October patch release includes Service Pack 3 for Office 2007 and SharePoint 2007, an update to the Malicious Software Removal Tool and other major critical updates. Google, to prevent malware on its end, is using data analysis to help determine where to look for malware and recently rolled out a new notification for its search engine.
