The total number of vulnerabilities disclosed in 2007 fell nearly 5 percent, while the amount of malicious code detected jumped more than 40 percent, according to Microsoft's latest Security Intelligence Report released on Tuesday.
The report, released twice a year by Microsoft, found that vulnerability disclosures sank approximately 15 percent in the second half of 2007, and 5 percent for the year as a whole. The news was not so rosy for high-severity vulnerabilities, the company found: While the number of High-rated vulnerabilities fell in the second half of 2007, the total for the year topped 2006's tally. Approximately a third of all vulnerabilities in Microsoft products had publicly available exploit code in 2007, the same as the previous year.
While vendors appear to be taming their vulnerabilities, PC users should worry more about malicious code. The amount of malware removed from PCs by Microsoft's Malicious Software Removal Tool (MSRT) jumped 40 percent during the last six months of 2007. The most common type of harmful program appears to be Trojan horses that download or drop additional code. Microsoft observed a 300 percent increase in the number of such programs during the second half of 2007.
"Clearly, this category of malware has become a tool of choice for some attackers," Microsoft stated in the report. "IT professionals and security professionals alike should become familiar with this type of malware so that they can better protect their networks from attacks that leverage it."
Microsoft's semi-annual report uses data from various public sources as well as Microsoft's Malicious Software Removal Tool (MSRT), Windows Defender, Windows Live OneCare, and Exchange Hosted Services. At the RSA conference earlier this month, Microsoft called for an information-technology industry strategy to increase trust in the Internet.
Microsoft also confirmed a finding by security firm Symantec, the owner of SecurityFocus, that most data breaches were caused by stolen equipment. Only 13 percent of security breach notifications in the second half of 2007 were due to exploits, malware and hacking.
According to Microsoft's latest report, the most common piece of malicious software detected in the second half of 2007 was Win32/WinFixer, also known as WinAntivirusPro, a rogue program that poses as a malware removal tool. While Microsoft issued fewer bulletins and patched fewer flaws in 2007, the number of flaws in Microsoft Office jumped, though the company pointed out that most only seriously affected earlier versions of the suite.
Posted by: Robert Lemos