P. 1
Microsoft Security Intelligence Report Volume 9 Jan-June2010 English

Microsoft Security Intelligence Report Volume 9 Jan-June2010 English

|Views: 130|Likes:
Published by Redactie Webwereld

More info:

Published by: Redactie Webwereld on May 13, 2011
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





The features and updates available with different versions of the Windows operating
system, along with the differences in the way people and organizations use each version,
affect the infection rates seen with different versions and service packs. The following
fgure shows the average monthly botnet infection rate for each Windows operating
system/service pack (SP) combination that accounted for at least 0.05 percent of total
MSRT executions in 2Q10, expressed in bot CCM, or the number of computers from
which bot-related malware was removed by the MSRT for every 1,000 MSRT executions.
(See “Infection Rates” in the Reference Guide section of the Security Intelligence Report
website for more information about the CCM metric and how bot CCM differs from the
CCM fgures used elsewhere in this report.)

FIGURE 13 Number of computers cleaned of bot-related malware for every 1,000 executions of the MSRT, 2Q10

(“32” = 32-bit; “64” = 64-bit. Systems with at least 0.05 percent of total executions shown.)


Microsoft | Security Intelligence Report

The botnet infection rate for Windows 7 and Windows Vista®

is signifcantly lower than
that of their desktop predecessor Windows XP with any service pack installed, which
refects the security improvements that have been made to the more recent versions of
Windows. Considering only computers that have had the most recent service pack for
their operating systems installed, the infection rate for Windows XP SP3 is twice as high
as that of Windows Vista SP2 and more than four times as high as that of the release-to-
manufacturing (RTM) version of Windows 7.
Infection rates for Windows XP RTM and SP1 are lower than those of more recent ver-
sions of Windows XP. MSRT installations on the older versions, which are no longer
supported by Microsoft, have decreased signifcantly over the past several quarters as
computers have been decommissioned or upgraded. As IT departments and computer
users move to more recent service packs or Windows versions, computers running older
operating system versions are often relegated to non-production roles or other specialized
environments, which may explain the lower infection rates.
Infection rates for Windows Server®

are generally lower than those of the client versions

of Windows.

Servers tend to have a smaller attack surface than computers that run client
operating systems because they are more likely to be used under controlled conditions
by trained administrators and to be protected by one or more layers of security. Server
versions are hardened against attack in a number of ways, which refects this difference
in usage. For example, Internet Explorer Enhanced Security Confguration is enabled by
default, and the Roles Wizard automatically disables features that are not needed for the
confgured server role.

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->