The report is summarized at the Malware Protection Center and the Executive Summary or full version of the SIR are available at the following Microsoft Download pages:
- Executive Summary: Microsoft Security Intelligence Report (January – June 2008) (112 KB)
- Microsoft Security Intelligence Report volume 5 (January – June 2008) (12.8 MB)
If the complete SIR is more detail than you are ready to digest, I think you will enjoy The Bret and Vinny Show - SIR Volume 5 . The dialog between Bret Arsenault (GM US National Security Team) and Vinny Gullotto (GM Microsoft Malware Protection Center) is "easy listening" and presents a nice discussion of the trends and findings in the latest SIR. I highly recommend it. In fact, why not tune in now?
- "Microsoft vulnerabilities accounted for 42% of the total vulnerabilities on Windows XP for browser based attacks; however, on Windows Vista-based machines the proportion of vulnerabilities attacked in Microsoft software dropped to just 6% of the total. This highlights our not only our continued security investments in the browser but also that attackers are focusing more and more on the applications that run in the browser.
- The infection rate for Windows Vista is significantly lower than Windows XP, regardless of service pack levels. In addition, 64-bit versions of XP and Vista have lower infection rates than their 32-bit counterparts.
- The higher the level of service pack a machine runs, the lower the rate of infection. This is consistent across client and server platforms, across all versions. Clearly, keeping up to date with the latest service pack levels and security patches is beneficial from a security perspective. While we have always thought this to be true, having a data point to prove it is great."
Go to The Bret and Vinny Show - SIR Volume 5 .
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...