Industry Vulnerability Disclosures Trending Up

A vulnerability disclosure, as the term is used in the Microsoft Security Intelligence Report, is the revelation of a software vulnerability to the public at large. Disclosures can come from a variety of sources, including publishers of the affected software, security software vendors, independent security researchers, and even malware creators. The vulnerability disclosure data in the Security Intelligence Report is compiled from vulnerability disclosure data that is published in the … Read more »

What will cybersecurity look like in 2025?, Part 3: How Microsoft is shaping the future of cybersecurity

Today’s post concludes our three-part series on Cyberspace 2025: Today’s Decisions, Tomorrow’s Terrain which presented three views of the world and cyberspace in 2025—Plateau, Peak, and Canyon. PEAK – the Peak scenario represents a world of innovation, where information and communications technology (ICT) fulfills its potential to strengthen governance models, economies and societies PLATEAU –  the Plateau scenario is a “status quo” world, in which political, economic and societal forces … Read more »

What will cybersecurity look like in 2025?, Part 2: Microsoft envisions an optimistic future

The future of cybersecurity will be influenced by more than just technical factors like the spread of malware, or even targeted cyber-attacks.  Global responses to social issues such as population growth, educational investments, or even trade liberalization will also play a significant role.  Continuing our series examining what cybersecurity will look like in the year 2025, let’s look at how the technology and social policy decisions addressing important issues, will … Read more »

What will cybersecurity look like in 2025?, Part 1: The catalysts that will shape the future

Cybersecurity challenges are emerging not just from the commonly recognized sources – criminals, malware, or even targeted cyber-attacks – they can grow from public policies as well.  A research report we released last month, Cyberspace 2025: Today’s Decisions, Tomorrow’s Terrain, seeks to look over the horizon and beyond technical trends to anticipate future catalysts for change as well as equip policy makers for tomorrow’s digital landscape. Read more

Microsoft Takes Legal Action to fight Malware: Bladabindi and Jenxcus

Today, Microsoft filed a civil suit against a Dynamic DNS provider in the U.S. (Vitalwerks Internet Solutions, LLC (doing business as and identified two individuals who are believed to have used this DNS provider to spread and control dangerous malware (Bladabindi and Jenxcus) to unsuspecting victims. Bladabindi or Jenxcus was encountered more than 7.4 million times over the past twelve months worldwide. The two people identified allegedly used social media to … Read more »

How Vulnerabilities are Exploited: the Root Causes of Exploited Remote Code Execution CVEs

It is impossible to completely prevent vulnerabilities from being introduced during the development of large-scale software projects. As long as human beings write software code, mistakes that lead to imperfections in software will be made – no software is perfect. Some imperfections simply prevent the software from functioning exactly as intended, but other bugs may present vulnerabilities. Manual code reviews performed by developers and testers, in concert with automated tools … Read more »

When Vulnerabilities are Exploited: the Timing of First Known Exploits for Remote Code Execution Vulnerabilities

One of the questions I get asked from time to time is about the days of risk between the time that a vulnerability is disclosed and when we first see active exploitation of it; i.e. how long do organizations have to deploy the update before active attacks are going to happen?  Trustworthy Computing’s Security Science team published new data that helps put the timing of exploitation into perspective, in the … Read more »

Who Exploits Vulnerabilities: the Path from Disclosure to Mass Market Exploitation

Vulnerabilities are weaknesses in software that enable an attacker to compromise the integrity, availability, or confidentiality of the software or the data that it processes. Some of the worst vulnerabilities allow attackers to exploit the compromised system by causing it to run malicious code without the user’s knowledge.  New research in the latest volume of the Microsoft Security Intelligence Report, volume 16, provides insight into the journey that remote code … Read more »

Keeping Oracle Java updated continues to be high security ROI

New data from the recently-published Security Intelligence Report volume 16 (SIRv16) suggests that keeping Java up-to-date with security updates is one of the most effective ways to protect environments from attackers.  One of the most popular tactics attackers use to try to exploit vulnerabilities in Java is using exploit kits.    Exploit kits used by cybercriminals to attack software have been around since at least 2006 in various forms. In 2010, … Read more »

Regional Threat Assessments: New Interactive Capabilities

If you follow our blog, then you are likely aware that we recently released Volume 16 of the Microsoft Security Intelligence Report.  What you may not be aware of is that with this release, we overhauled the Regional Threat Assessment section of our website to give visitors a much more robust interactive digital experience. This blog post is intended to provide a summary of the enhancements that are now available. … Read more »