Some of the most prevalent malware threats over the past couple of years have misused a feature in Windows commonly called Autorun to execute code and attack systems.  The top families of threats that use this technique include Win32/Taterf , Win32/Rimecud , Win32/Conficker , and Win32/Autorun .  If you have been using the Microsoft Security Intelligence Report as a source of information on threats, you’ll likely recognize this list of “usual suspects” and know that many of them can copy...

One type of threat that we have been warning customers about for the past several years is called rogue security software, also known as “scareware”. Rogue security software is software that appears to be beneficial from a security perspective but provides limited or no security, generates erroneous or misleading alerts, or attempts to lure users into participating in fraudulent transactions. Rogues typically mimic the general look and feel of legitimate security software programs and claim to detect...

Today, I want to digress a bit from our normal security and cybersecurity topics to talk about yesterday’s sneak peak at Windows 8.  I’ve been at Microsoft for eight years now, so I’ve developed a perspective on Microsoft that is a bit different than most people.  When I think of Microsoft, I don’t think of a big corporate entity.  I think of the collection of talented individuals that I’ve met and worked with over the past years.  They are passionate, they have great intentions...

I just got back to Redmond after spending the last couple of weeks touring several locations in Asia, where I was briefing customers and partners on the key findings of the Microsoft Security Intelligence Report volume 10 (SIRv10). As I mentioned in a past post on SIRv10, it contains a detailed analysis of threats in 117 locations around the world. There are global malware threats that we see appear in many regions around the world, but there are also many threats that are highly regionalized...

Last year at the ISSE conference in Berlin , Scott Charney shared the Collective Defense proposal and the Internet health model for addressing cybersecurity with the goal of protecting consumers and their devices from botnets and other malware. That paper looked at two models to improve the health of devices: observing symptoms to detect infected devices and demonstrating health to help keep devices protected over their lifetime. We have seen proof points of the former model around the world this...