The Microsoft Malware Protection Center (MMPC) is committed to helping Microsoft customers keep their computers secure. By continuously gathering and analyzing data, and by working with organizations inside and outside Microsoft, the MMPC stays agile to combat evolving threats. Our mission is to help protect customers and systems, quickly respond to malware outbreaks, advise customers, and engage in valuable partnerships.
Microsoft antimalware products and services help protect more than 600 million computers worldwide on a monthly basis. The MMPC team works closely with product teams at Microsoft to help ensure that products have the latest antimalware definitions and can provide accurate and actionable telemetry—data that can be used for further research.
The scanning tool that all these technologies use—the Microsoft antimalware engine—loads definition files that contain detection signatures for thousands of different families of malware and potentially unwanted software. These detection signatures are key aspects of security updates. They are continually updated in response to new research and telemetry.
Telemetry data generated by Microsoft security products includes information about the general geographical location of the computers (not exact locations or personal information). This data enables the MMPC to compare infection rates, patterns, and trends in various locations around the world.
By receiving telemetry from millions of computers, and operating a global network of research and response labs, the MMPC can identify and mitigate new threats within hours of their discovery. By using advanced research and heuristics, and by continuously monitoring for malicious behaviors, the MMPC also provides proactive detection for new threats – before we even receive our first sample. Labs in Redmond (Washington, United States), Munich (Germany), and Melbourne (Australia)—with the help of additional researchers in other locations around the world—ensure that a response team is always online.
The MMPC uses multiple channels to distribute malware research and security information to the public:
The MMPC engages widely within the antimalware industry. It collaborates with security researchers, partners, competitors, and independent software vendors (ISVs) worldwide. It also works with law enforcement organizations that seek to apprehend attackers.