This morning, we released the latest version of the Microsoft Security Intelligence Report (SIRv6), examining industry-wide software vulnerability disclosures, Microsoft vulnerability disclosures and exploits, malicious software (malware), and potentially unwanted software.
I am one of the primary contributors to the SIRs, so naturally I think you should download it immediately and read it cover to cover However, I understand that some of you may not wish to read a 150 page technical analysis document, except as a way to fight off insomnia.
Because of that, if you go over to the main SIR page at www.microsoft.com/sir, there is also a “Key Findings” document that is much more concise and provides a nice summary of the findings from each section.
For my section, on Industry and Microsoft vulnerability disclosures, I’ll be posting up some brief PowerPoint screencasts over the next few days where I’ll talk through my findings while showing some pretty graphs.
Regards ~ Jeff