Microsoft SIR informs but offends
In Tuesday's IT Blogwatch, Richi Jennings watches bloggers watch Microsoft's latest Security Intelligence Report. Not to mention the "hilarious consequences" arising from a misused Out-of-Office auto-reply...
Gregg Keizer reports:
Although computers running Windows Vista are significantly less likely to be infected with attack code than machines running Windows XP, the newer operating system continues to be threatened by Microsoft Corp.'s own ActiveX browser plug-in technology, according to a report issued Monday by the company.
...
During that time, while half of the top 10 browser-based attacks against Windows XP machines relied on vulnerabilities in Microsoft's own software, none of the top 10 attacks against Vista systems did. Instead, the overwhelming majority of the browser attacks targeting Vista leveraged bugs in third-party companies' ActiveX controls.
...
Two of the eight vulnerable ActiveX controls were part of RealNetworks Inc.'s RealPlayer media player plug-in; another was part of Apple Inc.'s QuickTime player. Both vendors have had to repeatedly patch their programs this year. Apple alone has patched a total of 30 QuickTime vulnerabilities in five updates in 2008.
The Grauniad's Jack Schofield sucks on his pipe:
Microsoft has made its operating systems more secure with XP SP2/3 and Vista, so cybercriminals have shifted their attack to third-party applications -- 90% of newly reported vulnerabilities involve applications, and only 10% affect operating systems.
...
Third-party vulnerabilities are targeted by 94% of the browser-based attacks on Vista, and 58% of the attacks on XP.
...
Clearly it's important to install security updates for third-party applications, and to have Windows Update picking up patches. Fact is, the most-exploited vulnerability in XP was fixed in April 2006, which is 2.5 years ago. If people are still getting Trojan downloads via this flaw, whose fault is it?
Benjamin J. Romano takes a global view:
Malware infections as measured by Microsoft are worst in many developing economies, such as Brazil and North Africa.
...
Brazil's computers are plagued by "password stealers and monitoring tools," representing about 60 percent of the malware cleaned from machines there ... China, meanwhile, faces malware aimed specifically at the Chinese-language market, including "pop-up advertisement toolbars" and "browser modifiers."
Microsoft's Paul Cooke likes what he reads:
Microsoft vulnerabilities accounted for 42% of the total vulnerabilities on Windows XP for browser based attacks; however, on Windows Vista-based machines the proportion of vulnerabilities attacked in Microsoft software dropped to just 6% of the total.
...
The infection rate for Windows Vista is significantly lower than Windows XP, regardless of service pack levels. In addition, 64-bit versions of XP and Vista have lower infection rates than their 32-bit counterparts.
But Brian Krebs is wary of geeks bearing gifts: [You're fired -Ed.]
Much of the data in this report reads a bit like an ad for Microsoft Vista, Redmond's latest version of Windows. The software giant includes a number of graphics explaining why consumers are safer using Vista than any other Microsoft OS. But it fails to mention that the feature that probably protects users the most -- called "user account control" -- pops up an annoying "are you sure you want to do this" message so many times that people are apt to eventually turn it off.
...
Redmond found that Trojan horse programs -- specifically, those that attempt so-called drive-by downloads -- were responsible for the biggest share of malicious software Microsoft removed from systems this year (about 30 percent). The overwhelming majority of that malware highlights non-existent threats on the victim's PC in an effort to scare the victim into buying bogus security software. Microsoft said "Win32/Zlob" and "Win32/Renos," both long associated with these "scareware" products, were responsible for 96 percent of computers scrubbed of Trojans and downloaders.
Scott Gilbertson cuts to the chase:
Microsoft is doing its best to keep your PC secure, but you’re screwing up its efforts by naively falling for Tony Soprano’s ever more sophisticated tricks and scams. That’s the takeaway from Microsoft’s most recent Security Intelligence Report ... unfortunately some of the biggest threats are coming from organized crime groups and use phishing techniques that Microsoft claims it can’t patch.
The result is a portrait of web security where the greatest threat, according to Microsoft anyway, is unsophisticated users and non-Microsoft software ... even if Microsoft’s conclusion is suspect, there’s no question that increasingly sophisticated phishing attacks are, and will likely continue to be, the biggest and most difficult threat the average user faces.
But Dwight Silverman wonders:
Yes, there are variables that Microsoft can't control, and users who click before they think and poorly written third-party programs are indeed among them. But is Microsoft passing the buck here? Is there more it can do to bring software developers into line, or keep users from hurting themselves?
And finally...
- Sy a 'n ddigrif chwedl [ag ddiolch at: Alan Brown]
Richi Jennings is an independent analyst/adviser/consultant, specializing in blogging, email, and spam. A 23-year, cross-functional IT veteran, he is also an analyst at Ferris Research. You can follow him on Twitter, pretend to be Richi's friend on Facebook, or just use boring old email: blogwatch@richi.co.uk.