Microsoft has released the fourth volume of its Security Intelligence Report (SIR) which focuses on the second half of 2007 and uses data derived from a range of tools running on approximately 450 million computers worldwide.
The SIR shows the fewest number of security vulnerability disclosures across the software industry since the second half of 2005, along with a rise in malicious and potentially unwanted software, which demonstrates a continued use of malware as a tool for targeting computer users for profit.
More specifically, the second half of 2007 showed a decline in new security vulnerability disclosures by 15 percent and a decrease in total vulnerability disclosures by 5 percent for all of 2007. The data also reveals a 300 percent increase in the number of trojan downloaders and droppers, illustrating that the malware category continues to grow in popularity among attackers.
The report also shows a 66.7 percent increase in the number of potentially unwanted software detections between July 1 and December 31, with a total of 129.5 million pieces of potentially unwanted software found on users' systems.
Based on these and other key findings from the report, Microsoft recommends include the following:
- Check for and apply software updates on an ongoing basis, including updates provided for third-party applications.
- Enable a firewall.
- Install and maintain up-to-date anti-virus and anti-spyware programs that provide increased protection from malicious and potentially unwanted software.
"The SIR provides us with a chance to share with our customers and industry partners what we're seeing in the threat landscape so we can all help ensure users are better protected and work toward a more trusted Internet," said Vinny Gullotto, general manager of the Microsoft Malware Protection Center. "This latest volume supports our position that today's threats continue to be motivated by monetary gain, and it also gives us a solid view of vulnerability and exploit trends."