Security Intelligence Report v3 is Live!

I hope you read my yesterday's blog on the RSA story (if not, it is here). I mentioned the Security Intelligence Report there. SIR is actually live in its third version, covering what we saw January to June 2007.

Let me point out some "highlights":

Vulnerability Trends – Unfortunately the trend that high severity keep growing for all software vendors. This is the figure from the report:

Attacks are moving up the stack – obvious, isn't it? We all know that since a long time. We have seen the phishing attacks in the past, we have seen the targeted Trojans, etc. However, in the last 6 months we saw a growth in phishing attacks of 150% compared to the second half of 2006. Targeted Trojans going for Personal Identifiable Information even grew by 500%!

Vista massively less likely to be infected by malware – This is what we expected to see but I am very proud the way it actually turned out. Have a look (this is normalized, so independent of the number of executions of the Malicious Software Removal Tool):

The same view but now by countries in Europe:

So, there is much, much more data in the Security Intelligence Report, where you can even have data on a country level (my friend Ole Tom – the CSA in Norway – showed me the malware in Norway did not grow the last 6 months J). So, go there, download it and have a look. If you want to get insights with webcasts, they will be on our portal as well.

And here is the link: http://www.microsoft.com/security/portal/SIR.aspx

Roger