Microsoft Malware Protection Center

Threat Research & Response Blog

Browse by Tags

  • Blog Post: What's Another 32-bits to Malware?

    The migration of PC computing from 32-bit to 64-bit is in full swing at last, and if you’ve been confused as to what it all means, you’re not alone. PCs built for years now have been capable of running both 32-bit and 64-bit operating systems, but for that you need 64-bit version of Windows (and corresponding...
  • Blog Post: Fake Security Software All Up

    In a recent blog posted on 18th November we talked about the significant threat that AV rogues had posed for our users this year. Besides the prevalent rogues covered by the MSRT, the following is a longer list of AV rogues detected by Microsoft AV products such as Microsoft Security Essentials , Forefront...
  • Blog Post: Announcing Microsoft Security Intelligence Report, Volume 8!

    The eighth volume of the Microsoft Security Intelligence Report is going live today. Inside, you’ll find 248 pages of in-depth information about malware, spam, malicious Web sites, vulnerabilities, and exploits that are relevant to the Windows platform. This volume contains a new Mitigation Strategy...
  • Blog Post: Win32/FakeRean and MSRT

    This month we added another rogue to the MSRT family list - Win32/FakeRean . Win32/FakeRean is generally very similar to Win32/InternetAntivirus and Win32/FakeXPA , which we continue to see in large numbers each month. Following the fashion, Win32/FakeRean is distributed as several variants, each with...
  • Blog Post: A Peek at MSRT November Threat Reports

    By continuing to include new variants of the existing threat families, the MSRT has removed malware from more than 1.5 million machines three days after its release on 10 November. This month we’ve also added Win32/FakeVimes and Win32/PrivacyCenter to the MSRT detection and have removed these new rogues...
  • Blog Post: Protecting Our Customers From Half a Million New Unique Malicious Files Every Day

    You might find it hard to believe, but that’s the number of new unique malware samples we detect on average every day in the wild. During the second half of 2008 our products detected a total of nearly 95 million unique malicious files. The total number of distinct malware files we detect every day in...
  • Blog Post: Greetings from Tokyo…

    This year at the PacSec conference, I will present a Microsoft view of the threat landscape during the first six months in 2009. It will be based on telemetry data published in the latest Security Intelligence Report (SIR) published on Nov 2nd, 2009. You can find agenda of the conference at http://pacsec...
  • Blog Post: Microsoft Security Intelligence Report Volume 5 is Now Available

    One of our goals here at the Microsoft Malware Protection Center (MMPC) is to share the valuable data, insights and expertise we have with customers on a regular basis in an effort to help customers better understand the changes occurring in the threat landscape and improve their defenses accordingly...
  • Blog Post: MSRT and MMPC in 2H08 – Microsoft Security Intelligence Report

    The MSRT added the following threat families in 2H08. Rogues and botnet malware were the focus during the six months. New Family Note Added in Computers Cleaned by the MSRT in 2H08 Win32/Horst CAPTCHA breaking threat July 235,318 ...
  • Blog Post: Welcome to the New Look Microsoft Malware Protection Center Blog

    Hi, Vinny here Welcome to our newly refreshed blog! We wanted to create a new home for the Microsoft Malware Protection Center (MMPC) blog that was easier to navigate, and more in synch with our security colleagues within Microsoft such as the Microsoft Security Response Center . If you are new to our...
  • Blog Post: Where is Waledac - Episode II

    The Spambot Whilst Win32/Waledac is probably best known for the ability to send spam, it can also download and execute arbitrary files. In addition to using this downloading mechanism to update itself, Waledac can also download other malware. The MMPC has observed the download of Trojan:Win32/FakeSpypro...
  • Blog Post: Plays Well With Others

    Just over a week ago the Microsoft Malware Protection Center released the seventh edition of our Security Intelligence Report covering the first half of 2009. Like all of our previous reports we have distilled information and insight from the wide array of telemetry we have available to us. New to this...
  • Blog Post: Yes, SIR, More Rogues!

    As Vinny mentioned in his post , the data in our recently released Microsoft Security Intelligence Report (SIR) clearly shows what we've been seeing in our day-to-day research over the last six months or so - rogue security software is getting more prevalent. As well as the raw data, the SIR includes...
  • Blog Post: MSRT August Top Detection Reports

    This month the MMPC added a new threat family, Win32/FakeRean , to the MSRT. You can refer to Hamish’s blog post, “ Win32/FakeRean and MSRT ” for more details on this fake, or rogue, security software. As of August 24, the MSRT had cleaned FakeRean from 162,328 infected machines. The following table...
  • Blog Post: Malware Distribution Across Operating Systems

    Depending on your background, you may find different sections of the newly published Microsoft Security Intelligence Report (SIR) to be of more interest. In today’s post, we would like to highlight the section on infection rates based on the operating system (OS) version and the service pack level. Microsoft...
  • Blog Post: Did You Say Malware? Where?

    Customers often look for information about malware that may affect them. For the last couple of years, we have shown that malware doesn’t spread evenly across the globe, despite the global nature of the Internet. Threats that rely on social engineering, are not equally effective in different parts of...
  • Blog Post: Who's at Risk on the Internet Today? We All Are. Act Accordingly…

    Here at the Microsoft Malware Protection Center (MMPC) we look for ways to share the valuable data, insights and expertise that we have with our customers on a regular basis. We just released the sixth volume of our Microsoft Security Intelligence Report (SIR). The SIR shares the conclusions drawn by...
  • Blog Post: Threats at Home and at Work

    It’s pretty obvious that people often behave differently at home and at work. Microsoft has found that malware and potentially unwanted software are encountered differently and act differently in the two environments. The following graph shows the difference between the categories of threats encountered...
  • Blog Post: Newly updated MMPC whitepapers now available

    Would you like to know more about the MMPC, and how we protect computer users worldwide? We have released new versions of two whitepapers which describe how the MMPC operates, and provide an introduction to the antimalware technologies that the MMPC supports. The two new papers are: - Malware Research...
  • Blog Post: PDF E-ducation

    Recently, Marian and Andrei presented a paper at the CARO Workshop about PDF vulnerabilities and exploits related to them. As we presented in our latest Security Intelligence Report , there was an increase in the use of these exploits, and the trend keeps going on. Since the beginning of the year...