Microsoft: Conficker still the top corporate network threat

Latest Microsoft Security Intelligence Report report says HTML, Java Script exploits on the rise

Companies are still plagued by the Conficker worm, used to create botnets and spread other forms of malware, according to the latest Microsoft Security Intelligence Report.

In fact the worm is the top threat businesses face, and the report details simple steps that could be taken to curtail it, according to Tim Rains, Microsoft's director of trustworthy computing in a video offering highlights of the report. The full report is scheduled to be released later today.

BACKGROUND: Ukraine disrupts $72M Conficker hacking ring 

On the rise are exploits that are carried out via vulnerabilities in HTML and Java Script, which are up steeply in the second half of 2011, the period covered by the report, Rains says. He did not quantify that jump.

Much of the increase can be blamed on the Black Hole Exploit Kit, he says, which enables the fashioning of attacks that bypass the Java Runtime Environment's sandbox platform that is supposed to isolate attack code from the rest of the host machine. By getting outside the sandbox, attackers can install malicious code remotely.

More: FBI: Investment scams, Black Hole exploit kit lead cybercrime wave

The report also details exploits that target vulnerabilities in document readers and editors, attacks that were up in the fourth quarter of 2011, Rains says.

Industry-wide, software vulnerabilities found in the second half of 2012 were down 10% from the first half of the year, he says. High severity vulnerabilities were down 31% over the same period.

Low complexity vulnerabilities - the easiest to exploit - accounted for 55% of all disclosed vulnerabilities during the report period.

Malware detected in the U.S. remained about the same between the first and second halves of 2011, but it was up 30% in Germany between the third quarter and the fourth quarter, and up 28% in Russia.

Microsoft Security Intelligence Reports are issued twice a year based on data the company collects from more than 600 million systems in 100 countries or regions. It pulls data from scanned Hotmail accounts, Microsoft Security Essentials, its Malicious Software Removal Tool and from Web pages scanned by Microsoft's Bing search.

Tim Greene covers Microsoft for Network World and writes the Mostly Microsoft blog. Reach him at and follow him on Twitter!/Tim_Greene

From CSO: 7 security mistakes people make with their mobile device
You Might Like
Join the discussion
Be the first to comment on this article. Our Commenting Policies