Microsoft Security Intelligence Report Volume 10 An in-depth perspective on software vulnerabilities and exploits, malicious code threats, and potentially unwanted software in 2010. With new data covering July through December Microsoft Security Intelligence Report This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT. This document is provided “as-is.” Information and views expressed in this document, including URL and other Internet website references, may change without notice. You bear the risk of using it. Copyright © 2011 Microsoft Corporation. All rights reserved. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. 1 Authors Doug Cavit Michelle Meyer Javier Salido Jossie Tirado Arroyo Microsoft Trustworthy Microsoft Trustworthy Microsoft Trustworthy Microsoft IT Information Computing Computing Computing Security and Risk Management Joe Faulhaber Daryl Pecelj Christian Seifert Microsoft Malware Protection Microsoft IT Information Bing Scott Wu Center Security and Risk Microsoft Malware Protection Management Frank Simorjay Center Vinny Gullotto Microsoft Trustworthy Microsoft Malware Protection Anthony Penta Computing Jeff Williams Center Microsoft Windows Safety Microsoft Malware Protection Platform Holly Stewart Center Jeff Jones Microsoft Malware Protection Microsoft Trustworthy Tim Rains Center Terry Zink Computing Microsoft Trustworthy Microsoft Forefront Online Computing Matt Thomlinson Protection for Exchange Jimmy Kuo Microsoft Security Response Microsoft Malware Protection Center Center Contributors Lawren Ahuna Yuhui Huang Don Nguyen Marc Seinfeld Microsoft IT Information Microsoft Malware Protection Microsoft IT Information Microsoft Malware Protection Security and Risk Center Security and Risk Center Management Management CSS Japan Security Jasmine Sesso Eva Chow Response Team Price Oden Microsoft Malware Protection Microsoft IT Information Microsoft Japan Microsoft IT Information Center Security and Risk Security and Risk Management John Lambert Management Norie Tamura (GOMI) Microsoft Security CSS Japan Security Response Enrique Gonzalez Engineering Center Kathy Phillips Team Microsoft Malware Protection Microsoft Legal and Center Eric Leonard Corporate Affairs Gilou Tenebro Microsoft IT Information Microsoft Malware Protection Cristin Goodwin Security and Risk Hilda Larina Ragragio Center Microsoft Legal and Management Microsoft Malware Protection Corporate Affairs Center Laura Lemire Satomi Hayakawa Microsoft Legal and Tareq Saade CSS Japan Security Response Corporate Affairs Microsoft Malware Protection Team Center Ken Malcolmson Microsoft Trustworthy Richard Saunders Computing Microsoft Trustworthy Computing Charles McColgan Microsoft ISD 2 Table of Contents About This Report .............................................................................................. 5 Scope ............................................................................................................. 5 Reporting Period ............................................................................................ 5 Conventions ................................................................................................... 5 Key Findings Summary ...................................................................................... 6 Vulnerability Disclosures ................................................................................ 6 Exploits .......................................................................................................... 6 Malware and Potentially Unwanted Software .................................................. 7 Operating System Infection Rates .................................................................... 7 Threat Families ............................................................................................... 7 Home and Enterprise Threats ......................................................................... 8 Email Threats ................................................................................................. 8 Spam Types .................................................................................................... 9 Malicious Websites ......................................................................................... 9 Trustworthy Computing: Security Engineering at Microsoft .............................. 11 Vulnerabilities .................................................................................................. 12 Vulnerability Severity ................................................................................... 12 Vulnerability Complexity .............................................................................. 14 Operating System, Browser, and Application Vulnerabilities ......................... 15 Vulnerability Disclosures .............................................................................. 16 Exploits ............................................................................................................ 18 HTML and JScript/JavaScript Exploits ........................................................... 20 Document Exploits ....................................................................................... 21 Operating System Exploits ............................................................................ 22 3 Security Breach Trends ................................................................................. 24 Malware and Potentially Unwanted Software .................................................... 27 Global Infection Rates ................................................................................... 27 Operating System Infection Rates .................................................................. 33 Threat Categories .......................................................................................... 36 Threat Categories by Location ................................................................... 37 Threat Families ............................................................................................. 39 Rogue Security Software ............................................................................... 41 Home and Enterprise Threats ....................................................................... 45 Email Threats ................................................................................................... 49 Spam Messages Blocked ................................................................................ 49 Spam Types .................................................................................................. 52 Malicious Websites ........................................................................................... 55 Phishing Sites ............................................................................................... 56 Target Institutions..................................................................................... 57 Global Distribution of Phishing Sites ......................................................... 59 Malware Hosting Sites .................................................................................. 61 Malware Categories ................................................................................... 62 Global Distribution of Malware Hosting Sites ............................................ 65 Drive-By Download Sites .............................................................................. 66 Appendix A: Threat Naming Conventions ........................................................ 69 Appendix B: Data Sources ................................................................................ 71 Microsoft Products and Services ................................................................ 71 Appendix C: Worldwide Infection Rates ........................................................... 73 Glossary ........................................................................................................... 78 Threat Families Referenced in This Report ........................................................ 83 4 About This Report Scope The Microsoft® Security Intelligence Report (SIR) focuses on software vulnerabilities, software vulnerability exploits, malicious and potentially unwanted software, and security breaches. Past reports and related resources are available for download at www.microsoft.com/sir. We hope that readers find the data, insights, and guidance provided in this report useful in helping them protect their organizations, software, and users. Reporting Period In this volume of the Microsoft Security Intelligence Report, statistics about malware families and infections are reported on a quarterly basis and other statistics continue to be reported on a half-yearly basis, with a focus on 2010. Throughout the report, half-yearly and quarterly time periods are referenced using the nHyy or nQyy formats, respectively, where yy indicates the calendar year and n indicates the half or quarter. For example, 1H10 represents the first half of 2010 (January 1 through June 30), and 2Q10 represents the second quarter of 2010 (April 1 through June 30). To avoid confusion, please pay attention to the reporting period or periods being referenced when considering the statistics in this report. Conventions This report uses the Microsoft Malware Protection Center (MMPC) naming standard for families and variants of malware
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages89 Page
-
File Size-