Tuesday, April 22, 2008

Microsoft: Vulnerabilities Down, Threats Up

Robert Lemos writes on SecurityFix:

The total number of vulnerabilities disclosed in 2007 fell nearly 5 percent, while the amount of malicious code detected jumped more than 40 percent, according to Microsoft's latest Security Intelligence Report released on Tuesday.

The report, released twice a year by Microsoft, found that vulnerability disclosures sank approximately 15 percent in the second half of 2007, and 5 percent for the year as a whole. The news was not so rosy for high-severity vulnerabilities, the company found: While the number of High-rated vulnerabilities fell in the second half of 2007, the total for the year topped 2006's tally. Approximately a third of all vulnerabilities in Microsoft products had publicly available exploit code in 2007, the same as the previous year.

While vendors appear to be taming their vulnerabilities, PC users should worry more about malicious code. The amount of malware removed from PCs by Microsoft's Malicious Software Removal Tool (MSRT) jumped 40 percent during the last six months of 2007. The most common type of harmful program appears to be Trojan horses that download or drop additional code. Microsoft observed a 300 percent increase in the number of such programs during the second half of 2007.

More here.

0 Comments:

Post a Comment

<< Home