Newly updated MMPC whitepapers now available

Would you like to know more about the MMPC, and how we protect computer users worldwide? We have released new versions of two whitepapers which describe how the MMPC operates, and provide an introduction to the antimalware technologies that the MMPC supports. The two new papers are: – Malware Research and Response at Microsoft: This…


Announcing Microsoft Security Intelligence Report, Volume 8!

The eighth volume of the Microsoft Security Intelligence Report is going live today.  Inside, you’ll find 248 pages of in-depth information about malware, spam, malicious Web sites, vulnerabilities, and exploits that are relevant to the Windows platform.  This volume contains a new Mitigation Strategy section that provides collective advice and best practices from our own…


Fake Security Software All Up

In a recent blog posted on 18th November we talked about the significant threat that AV rogues had posed for our users this year.  Besides the prevalent rogues covered by the MSRT, the following is a longer list of AV rogues detected by Microsoft AV products such as Microsoft Security Essentials, Forefront Client Security, etc….


A Peek at MSRT November Threat Reports

By continuing to include new variants of the existing threat families, the MSRT has removed malware from more than 1.5 million machines three days after its release on 10 November.  This month we’ve also added Win32/FakeVimes and Win32/PrivacyCenter to the MSRT detection and have removed these new rogues from more than 110,000 machines.  A lot…


What’s Another 32-bits to Malware?

The migration of PC computing from 32-bit to 64-bit is in full swing at last, and if you’ve been confused as to what it all means, you’re not alone.  PCs built for years now have been capable of running both 32-bit and 64-bit operating systems, but for that you need 64-bit version of Windows (and…


Plays Well With Others

Just over a week ago the Microsoft Malware Protection Center released the seventh edition of our Security Intelligence Report covering the first half of 2009.  Like all of our previous reports we have distilled information and insight from the wide array of telemetry we have available to us. New to this edition, however, is the inclusion…


Greetings from Tokyo…

This year at the PacSec conference, I will present a Microsoft view of the threat landscape during the first six months in 2009. It will be based on telemetry data published in the latest Security Intelligence Report (SIR) published on Nov 2nd, 2009. You can find agenda of the conference at http://pacsec.jp/agenda.html From data gathered…


MSRT August Top Detection Reports

This month the MMPC added a new threat family, Win32/FakeRean, to the MSRT.  You can refer to Hamish’s blog post, “Win32/FakeRean and MSRT” for more details on this fake, or rogue, security software.  As of August 24, the MSRT had cleaned FakeRean from 162,328 infected machines.  The following table shows data gathered from the MSRT…


Win32/FakeRean and MSRT

This month we added another rogue to the MSRT family list – Win32/FakeRean. Win32/FakeRean is generally very similar to Win32/InternetAntivirus and Win32/FakeXPA, which we continue to see in large numbers each month. Following the fashion, Win32/FakeRean is distributed as several variants, each with a different name and a different “skin”. Its interface is actually rendered from…


PDF E-ducation

Recently, Marian and Andrei presented a paper at the CARO Workshop about PDF vulnerabilities and exploits related to them. As we presented in our latest Security Intelligence Report, there was an increase in the use of these exploits, and the trend keeps going on. Since the beginning of the year, we have received over five…