Microsoft Study: Malware Up, Vulnerabilities Down
That and other findings were among numerous security trends released Monday in Microsoft's fifth Security Intelligence Report, which provided in-depth analysis on security threats across the globe for the first half of 2008 with data provided from its Malware Protection Center.
According to the report, one of the most significant trends showed that malicious software on Windows tools has risen at least 43 percent from the same time last year. The study found that although patterns of malware varied across countries and regions, Trojan downloaders and droppers remained the most pervasive form of malicious threat, comprising 30 percent of the overall global total of malware.
Malware infection rates tended to be more prevalent in developing countries with limited IT infrastructure than in developed regions or nations, according to data gathered from Microsoft's Malicious Software Removal Tool. In particular, Brazil, China, Indonesia and various regions of Africa were most susceptible to malware attacks. On the attack side, China was the most common origin for browser-based exploits, comprising 47 percent of all incidents, followed by the U.S., accounting for 23 percent of all security attack incidents.
Contrary to current malware trends, the total number of security vulnerabilities across the industry decreased slightly in 2008 -- down four percent from the last half of 2007, and down 19 percent from the first half of 2007. Consistent with industry trends, vulnerability disclosures in Microsoft software during the first half of 2008 also continued its downward spiral.
Additionally, while the total number of vulnerabilities decreased from last year, 48 percent of all vulnerabilities were ranked as "high severity," representing a 13 percent increase from the second half of 2007. However, the number of "high severity" vulnerabilities declined by 28 percent from the first half of 2007, despite the increase in the latter half of last year.
And while operating system vulnerabilities continued to decline, malware writers have increasingly targeted the application layer to distribute malicious code. The study found that more than 90 percent of vulnerabilities detected in the first half of 2008 targeted applications, rather than operating systems.
During the first half of 2008, exploit code was available for 32 percent of vulnerabilities disclosed in Microsoft software, however only 10.4 percent of the vulnerabilities had publicly available code that could be used to adequately launch a malicious attack, according to the study.
However, there might be some hope for Windows Vista users -- infection rates for Windows Vista were found to be significantly lower than that of its predecessor XP. Microsoft vulnerabilities on Windows XP accounted for 42 percent of the total of browser-based attacks, representing a sharp decline when compared to the number of attacks on Windows Vista, which comprised just six percent of browser exploits. Meanwhile, Microsoft software running on computers with Windows XP accounted for five of the top 10 browser-based vulnerabilities in the first half of 2008, compared to zero of the top 10 on computers running Vista.
Ultimately, despite the copious amount of malware unleashed by malicious attackers, the study found that stolen equipment, such as laptops and mobile devices, was the top reason for data loss through a security breach. A much smaller percentage -- 23 percent -- of security breaches in 2008 were the result of an external or malicious hack.