Microsoft Security Blog

The official Microsoft blog for discussing industry and Microsoft security topics.

Browse by Tags

  • Blog Post: Trustworthy Computing: Learning About Threats for Over 10 Years - Part 2

    In part 1 of this series I started comparing what the threat landscape looked like at the turn of the century to what it looks like today. Continuing that theme, today we have released a new special edition Microsoft Security Intelligence Report (SIR) called “ The evolution of malware and the threat...
  • Blog Post: Windows Vista vs Windows XP SP2 Vulnerability Report 2007

    In the wake of my Windows Vista One Year Vulnerability Report , I have received many questions regarding the current vulnerability record of Windows Vista as compares with Windows XP SP2. This short paper is a compilation of vulnerability data for Microsoft Windows Vista and Microsoft Windows XP SP2...
  • Blog Post: Feb09 Security Bulletin SDL Benefit Summary

    Summaries from previous months: Jan09 Security Bulletin SDL Benefit Summary When I do analysis and reports on Microsoft products, I typically look for where the Security Development Lifecycle (SDL) has helped to provide improvement and provide some stats on that.  This year, I decided to try and...
  • Blog Post: Trustworthy Computing: Learning About Threats for Over 10 Years - Part 1

    When I compare what the threat landscape looked like at the turn of the century to what it looks like today it’s clear that things have changed. At the height of the dot-com boom, less than a third of homes in North America and Europe had Internet access [1] , with broadband technologies accounting for...
  • Blog Post: Q1 2008 - Client OS Vulnerability Scorecard

    This paper is a compilation of vulnerability data for client operating systems for the first 3 month, January through March, of 2008. Vulnerabilities and fixes for the following products are discussed: Microsoft Windows Vista Microsoft Windows XP SP2 Red Hat Enterprise Linux Desktop (v. 5 client) Red...
  • Blog Post: Download: H1 2008 Desktop OS Vendor Report - Vulnerabilities and Days-of-Risk

    This report looks at all of the vulnerabilities fixed by Apple, Microsoft, Red Hat and Ubuntu during the first half of 2008. At the vendor level, the report examines all vulnerabilities as well as Days of Risk (DoR) associated with those vulnerabilities. The report further drills down to examine just...
  • Blog Post: Operating System Infection Rates - Slight Change in the Trend

    Since releasing the new Microsoft Security Intelligence Report Volume 12 (SIRv12) a few weeks ago, one of the top questions I have been asked is about the new malware infection rate data for Windows operating systems. Figure 1: Infection rate (CCM) by operating system and service pack in the fourth...