Microsoft Security Intelligence Report 14 released

The Microsoft Security Intelligence Report (SIR) analyzes the threat landscape of exploits, vulnerabilities, and malware using data from Internet services and over 600 million computers worldwide. Threat awareness can help you protect your organization, software, and people.

Reporting period

This volume of the Microsoft Security Intelligence Report focuses on the third and fourth quarters of 2012, with trend data for the last several years presented on a quarterly basis. Because vulnerability disclosures can be highly inconsistent from quarter to quarter and often occur disproportionately at certain times of the year, statistics about vulnerability disclosures are presented on a half-yearly basis.

 

Throughout the report, half-yearly and quarterly time periods are referenced using the nHyy or nQyy formats, where yy indicates the calendar year and n indicates the half or quarter. For example, 1H12 represents the first half of 2012 (January 1 through June 30), and 4Q11 represents the fourth quarter of 2011 (October 1 through December 31). To avoid confusion, please note the reporting period or periods being referenced when considering the statistics in this report.

 

Increasing complexity of today

Amid the increasing complexity of today’s computing threat landscape and the growing sophistication of criminal attacks, enterprise organizations and governments are more focused than ever on protecting their computing environments so that they and their constituents are safer online. With more than a billion systems using its products and services worldwide, Microsoft collaborates with partners, industry, and governments to help create a safer, more trusted Internet.

 

Computers that did not have up-to-date real-time antimalware protection were 5.5 times more likely on average to report malware infections each month than computers that did have protection. The CCM for unprotected computers ranged from 11.6 to 13.6, and the CCM for protected computers ranged from 1.4 to 3.8.

 

 

Computers running Windows 8 had the highest rate of protection, with just 8.1 percent of computers running the 32-bit edition and 7.0 percent of computers running the 64-bit edition lacking up-to-date real-time protection. Windows 8 includes real-time antimalware and antispyware protection by default,2 which is likely a significant factor in the reduced number of Windows 8 computers not running security software; previous releases of Windows did not include real-time antimalware software by default. In addition, Windows 8 was only generally available for slightly more than two months of the half-year period, which provided less of an opportunity for real-time protection to expire or to be disabled by computer users or by malware.

 

Among supported releases of Windows, the lowest rate of protection was observed on computers running the RTM version of Windows 7, of which 32.3 percent of computers running the 32-bit edition and 28.2 percent of computers running the 64-bit edition lacked up-to-date real-time protection. Computers running Windows 7 SP1, the most recent service pack available for Windows 7, were significantly less likely to lack real-time protection than computers running the RTM version.