Microsoft Security Blog

The official Microsoft blog for discussing industry and Microsoft security topics.

September, 2012

  • The Threat Landscape in the Middle East – Part 2: The Palestinian Authority and Iraq

    In the first part of this series on the threat landscape in the Middle East I focused on the threats in Qatar, the location with the largest improvement in malware infection rates in the region.  In this part of the series I focus on the Palestinian Authority and Iraq, the two locations with the highest malware infection rates in the region in the second half of 2011.

  • The Threat Landscape in the Middle East – Part 1: Qatar

    Recently we have published articles on the threat landscape in many different parts of the world including the European Union (part 1, 2, 3), Africa, Asia (part 1, 2, 3) and Oceania.  The analysis in these articles is based on data and insights from the Microsoft Security Intelligence Report volume 12 (SIRv12) and previous volumes of the report.

  • A delegate’s view of (ISC)² Security Congress 2012

    I attended the second annual (ISC)² Security Congress, collocated with the ASIS International 58th Annual Seminar and Exhibits, held last week (September 10-13, 2012) in Philadelphia, and wanted to pass on some of what I saw there.  Microsoft Trustworthy Computing was a sponsor of (ISC)² Security Congress and Microsoft Global Security had an exhibitor booth (seen in the picture above) on the ASIS show floor.

  • Security Education from the front lines

    I would consider myself very much a realist, and know full well that as an industry we often let the quest for perfection get in the way of “good enough.” I believe in simple, low friction tasks that have major impact with as little engineering effort as possible. I think security education is an area where people are often looking for big, grandiose, “perfect” solutions, when “good enough” will suffice. Don’t get me wrong. I love to see a solid, complete...

  • Microsoft’s Free Security Tools – Windows Defender Offline

    This article in our series focused on Microsoft’s free security tools is on a tool called Windows Defender Offline.  Windows Defender Offline is a standalone software application that is designed to help detect malicious and other potentially unwanted software, including rootkits that try to install themselves on a PC.  Once on a PC, this software might run immediately, or it might run at unexpected times. Windows Defender Offline works by scanning an operating system to check the authenticity of any communication the operating system has with the Internet. If there is an application deemed unsafe, it will alert the user and block the contents of the application until the user either accepts or denies the risk.

  • The Threat Landscape in Asia & Oceania – Part 4: Australia and New Zealand

    In the first three parts of this series on the threat landscape in Asia and Oceania I examined threats in Vietnam and India (highest malware infection rates in the region), Japan and Korea (very interesting juxtaposition), and Malaysia and Singapore (malware infection rates trending lower).  This final part of the series is on threats found in Australia and New Zealand.

  • Counterfeit Software Preloaded with Malware and the Link to Botnets: Operation b70

    For years I have heard talk in the industry that much of the counterfeit software available on the Internet was preloaded with malware.  How much of the counterfeit software available is preloaded with malware?  What type of malware is preloaded on these systems and what does it allow the attackers to do?  

  • What you should know about the planned change to Windows certificate requirements in October 2012: Security Advisory 2661254

    This morning, the Microsoft Security Response Center published its monthly security bulletins.  One thing you should do, if you haven’t already, is evaluate your environments for dependencies on certificates with RSA key length less than 1024 bits. In October the bar gets raised on certificate requirements in an effort to help create a safer, more trusted Internet for everyone.

  • The Threat Landscape in Asia & Oceania – Part 3: Malaysia and Singapore

    In part 1 and part 2 of this series on the threat landscape in Asia and Oceania I focused on Vietnam, India, Korea and Japan.  In this third part of the series, I’m focusing on Malaysia and Singapore. 

    I have visited both of these countries in the past to discuss threats in these locations with customers.  Both of these locations typically have malware infection rates (CCM) above the worldwide average.  This changed in the third (3Q11) and fourth (4Q11) quarters of 2011 as seen in figure 1.  Singapore’s CCM trended down below Malaysia’s in 3Q11 after being above it for all four of the previous quarters.

  • The Threat Landscape in Asia & Oceania – Part 2: Korea and Japan

    In part 1 of this series on the threat landscape in Asia and Oceania I focused on Vietnam and India – the two locations with the highest malware infection rates in the region.  In this part of the series, I’m focusing on Korea and Japan.  Historically Korea has had one of the most active threat landscapes and highest malware infection rates in the world, while Japan has had the opposite.