| |
 |
 |
| Welcome back to the Microsoft Security Intelligence Report Series - Part 2. In this edition, we are focusing on software vulnerability exploits.
An exploit is malicious code that takes advantage of software vulnerabilities to infect a computer without the user's consent and often without the user's knowledge. Exploits are often distributed through Web pages, although attackers also use a number of other distribution methods, such as e-mail and instant messaging (IM) services. | |
|  | |
| | Here is a quick look at what happened around the world in 1H09:
| |
| |
Software Vulnerability Exploit DetailsBrowser-based exploits by operating system and software vendor
| Browser-based exploits targeting Microsoft and third-party software on computers running Windows XP in 1H09 |  | Browser-based exploits targeting Microsoft and third-party software on computers running Windows Vista in 1H09 |
 | |  |
Document File Format Attacks
Microsoft Office Format Exploits
Vulnerabilities exploited in Microsoft Office file formats
 | - On Windows XP-based machines, Microsoft vulnerabilities account for 56.4% of the exploits, but on Windows Vista-based machines, Microsoft vulnerabilities account for only 15.5% of the exploits. Windows 7 is built on the same security foundation as Windows Vista and promises the same great protection – with better device compatibility and user-friendly functionality built in.
- Increasingly, attackers are using common file formats, like .doc, .xls and .ppt as transmission vectors for exploits. These formats are used legitimately by many people, so blocking them is not practical and as a result has made them an attractive target for exploitation.
|
| |
| | | |
| | This is one of the many reasons that make it so important for customers to apply all Security Updates and have an automated process for deployment. Customers running Windows Server 2003, 2008 and R2 are entitled to use Windows Server Update Services as part of their licensing agreement. This technology will enable customers to automate the process of Security Update deployment. | |
|  | |
| | What we at Microsoft have learnt is that the features and updates available with different versions of the Windows Operating System – along with the differences in the way people and organisations use each version – affect the infection rates seen.
Infection Trends
Operating system trends
 | Number of computers cleaned for every 1,000
MSRT executions, by operating system, 1H09 |
 |  |
This figure shows that computers with more recent service packs installed have significantly lower infection rates than computers with older service packs (or the RTM release) for the same platform. This trend can be observed consistently across client and server operating systems.
Staying up-to-date is imperative, and for that reason we would like to remind customers running Windows® XP Service Pack 2 (SP2), Windows® 2000 Server and Windows® 2000 Professional that they will all reach their End of Support (EOS) milestone on July 13, 2010, and the original "RTM" version of Windows Vista® will reach EOS on April 13, 2010.
As a result, customers who use these versions of Microsoft software will stop receiving regular Security Updates from those dates and may be exposed to security exploits. We encourage customers to understand the impact of this and take the necessary steps to avoid any issues when the support is terminated. | |
| | |
|
|
=========
As from the result that we can see now the virus its terrible for operating system , so that's why i advice computer user using internet security , because anti-virus not just fully protective for whole system , once hacker or virus find the new way to entering the os , that time i just can say bye bye to your own os ~
No comments:
Post a Comment