Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Microsoft Update Security Support
1. Windows Live Hotmail Print Message Page 1 of 3
Increase the security of your organisation by getting the facts on the global
threat landscape!
From: Microsoft Malaysia (microsoft@e-mail.microsoft.com)
Sent: 08 April 2010 08:19:13
To: ultradynamic_azizshah@hotmail.com
Welcome back to the Microsoft Security Intelligence Report Series - Part 2. In this edition,
we are focusing on software vulnerability exploits.
An exploit is malicious code that takes advantage of software vulnerabilities to infect a
computer without the user's consent and often without the user's knowledge. Exploits are
often distributed through Web pages, although attackers also use a number of other
distribution methods, such as e-mail and instant messaging (IM) services.
Here is a quick look at what happened around the world in 1H09:
On Windows XP-based
Software Vulnerability Exploit Details
machines, Microsoft
Browser-based exploits by operating system and vulnerabilities account
software vendor for 56.4% of the
exploits, but on
Browser-based exploits targeting Browser-based exploits targeting Windows Vista-based
Microsoft and third-party Microsoft and third-party software
machines, Microsoft
software on computers running on computers running Windows
vulnerabilities account
Windows XP in 1H09 Vista in 1H09
for only 15.5% of the
exploits. Windows 7 is
built on the same
security foundation as
Windows Vista and
promises the same
great protection – with
better device
compatibility and user-
friendly functionality
built in.
Document File Format Attacks
Microsoft Office Format Exploits Increasingly, attackers
are using common file
formats, like .doc, .xls
Vulnerabilities exploited in Microsoft Office file formats
and .ppt as
transmission vectors for
exploits. These formats
are used legitimately by
http://by140w.bay140.mail.live.com/mail/PrintShell.aspx?type=message&cpids=b3a09da... 10/04/2010
2. Windows Live Hotmail Print Message Page 2 of 3
many people, so
blocking them is not
practical and as a result
has made them an
attractive target for
exploitation.
This is one of the many reasons that make it so important for customers to apply all
Security Updates and have an automated process for deployment. Customers running
Windows Server 2003, 2008 and R2 are entitled to use Windows Server Update Services
as part of their licensing agreement. This technology will enable customers to automate
the process of Security Update deployment.
What we at Microsoft have learnt is that the features and updates available with different
versions of the Windows Operating System – along with the differences in the way people
and organisations use each version – affect the infection rates seen.
Infection Trends
Operating system trends
Number of computers cleaned for every 1,000
MSRT executions, by operating system, 1H09
This figure shows that computers with more recent service packs installed have significantly
lower infection rates than computers with older service packs (or the RTM release) for the
same platform. This trend can be observed consistently across client and server operating
systems.
Staying up-to-date is imperative, and for that reason we would like to remind customers
http://by140w.bay140.mail.live.com/mail/PrintShell.aspx?type=message&cpids=b3a09da... 10/04/2010