Microsoft has released its Security Intelligence Report for the month. The report shows malware infections were low in the first half of 2012 for operating systems, such as Windows 7 and Windows Vista and continues to be low in comparison to than older operating systems like Windows XP Service Pack 3.
However, Windows Vista SP1’s malware infection rate were higher than that of Windows XP SP3 in 3Q11. This is because Windows Vista Service Pack 1 went out of lifecycle support on July 12, 2011. From that date onwards, no new security updates were available for Windows Vista SP1. Users were advised to install Windows Vista Service Pack 2 to continue receiving the benefits of security updates again.
The figure below shows that malware infection rates in various version of windows 7 has risen by a slight margin between the second quarter of 2011 and the second quarter of 2012, the prime reason for it being Malicious Software Removal Tool and CCM measurement.
CCM stands for computers cleaned per mile. The parameter via Malicious Software Removal Tool scanning determines the number of computers infected every 1,000 computers. Over the years, the CCM percentage has increased steadily. The contributing factors to this steady increase are myriad.
Millions of users today are using computers, installing applications on their systems, visiting websites and downloading documents, music, and videos which they shouldn’t. These activities to some extent increase the risk of malware attacks and infections on their devices.
Moreover, new vulnerabilities are targeted via social engineering use to compromise different systems. As examples, read the descriptions below.
Increase in exploit activity
Exploit Activity has been at the highest Levels in recent times. Exploitation attempts of Java vulnerabilities have been the primary reasons for this. So, keeping all your software up to date has become essential to avoid such threats. In addition, Trojans and Trojan downloaders/droppers which were two categories of severe threats at one time are back in activity and prominence among attackers.
Call to Action
It is always advisable to install the latest server packs for your system because when such packs are out of support and no new updates are available for them they become susceptible to attacks. So, any of you still running systems with Windows XP SP2 or Windows Vista SP1, install the latest service pack on these systems immediately. They are no longer automatically receiving new security updates from Microsoft. For Windows XP SP3 support ends on April 8, 2014. If possible, migrate to Windows 7 or Windows 8.
Microsoft advise that as a rule, you should always
- Deploy security updates for all software you have in your environment in a timely manner
- Use anti-malware software from a reputable vendor and keep it up to date.
- Use newer versions of software and newer service packs where possible to get the security benefits of the latest development practices, tools and security mitigations.
You can read the complete report here.