Keeping browsing experience in users’ hands

​In April last year we announced some changes to our criteria around Adware designed to ensure that users maintain control of their experience. These changes are described in our blog, Adware: a New Approach. Since then, we’ve taken policy and enforcement measures to address unwanted behaviors exhibited by advertising programs that take choice and control away from…

23

Microsoft updates Trusted Root Certificate Program to reinforce trust in the Internet

At Microsoft, we are continuously working to deliver on our commitment to the security of our customers and their ecosystems. A core component of our strategy to inform Windows users about the safety of the websites, apps and software they’re accessing online is built into the Microsoft Trusted Root Certificate Program. This program takes root…

5

Microsoft assists law enforcement to help disrupt Dorkbot botnets

Law enforcement agencies from around the globe, aided by Microsoft security researchers, have today announced the disruption of one of the most widely distributed malware families – Win32/Dorkbot. This malware family has infected more than one million PCs in over 190 countries. Dorkbot spreads through USB flash drives, instant messaging programs, and social networks. It…

5

Shields up on potentially unwanted applications in your enterprise

Has your enterprise environment been bogged down by a sneaky browser-modifier which tricked you into installing adware from a seemingly harmless software bundle? Then you might have already experienced what a potentially unwanted application (PUA) can do. The good news is, the new opt-in feature for enterprise users in Windows can spot and stop PUA…

19

​​Does prevalence matter? A different approach to traditional antimalware test scoring

Most well-known antimalware tests today focus on broad-spectrum malware.  In other words, tests include malware that is somewhat indiscriminate (isn’t necessarily targeted), at least somewhat prevalent and sometimes very prevalent. Typically, tests are not focused on specialized threats that are highly targeted, and most avoid including programs that walk the line between good and evil,…

4

Windows Defender: Rise of the machine (learning)

Windows Defender harnesses the power of machine learning, contributing to making Windows 10 Microsoft’s most secure client operating system and providing increased protection against security threats facing consumers and commercial enterprises today. To reduce the number of both false negative and false positive detections our automation pipeline uses a variety of tools and technologies to…

10

Microsoft Security Intelligence Report: Strontium

The Microsoft Security Intelligence Report (SIR) provides a regular snapshot of the current threat landscape, using data from more than 600 million computers worldwide. The latest report (SIRv19) was released this week and includes a detailed analysis of the actor group STRONTIUM  – a group that uses zero-day exploits to collect the sensitive information of…

1

MSRT November 2015: Detection updates

​The Microsoft Malicious Software Removal Tool (MSRT) is updated monthly with new malware detections – so far this year we have added 29 malware families. This month we are updating our detections for some of the malware families already included in the tool. We choose the malware families we add to the MSRT each month…

1

MSRT October 2015: Tescrypt

October’s Microsoft Malicious Software Removal Tool (MSRT) includes detection and remediation for the following families: Tescrypt Blakamba Diplugem Escad Joanap Brambul Drixed This blog focuses on the ransomware family Tescrypt. Tescrypt started showing up early in 2015 and, like most of its file-encrypting predecessors, it does what most typical ransomware does: Searches for specific file…

0

MSRT September 2015: Teerac

As part of our ongoing effort to provide better malware protection, the September release of the Microsoft Malicious Software Removal Tool (MSRT) will include detection for the prevalent ransomware family Win32/Teerac. We first detected Teerac in early 2014. Since then, the family has joined Win32/Crowti and Win32/Tescrypt as one of the most prevalent ransomware families impacting…

0