%3CLINGO-SUB%20id%3D%22lingo-sub-396313%22%20slang%3D%22en-US%22%3EMS%20Security%20Intelligence%20Report%20Volume%206%20Released%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-396313%22%20slang%3D%22en-US%22%3E%0A%20%26lt%3Bmeta%20http-equiv%3D%22Content-Type%22%20content%3D%22text%2Fhtml%3B%20charset%3DUTF-8%22%20%2F%26gt%3B%3CSTRONG%3EFirst%20published%20on%20TechNet%20on%20May%2028%2C%202009%20%3C%2FSTRONG%3E%20%3CBR%20%2F%3E%20%3CA%20href%3D%22http%3A%2F%2Fblogs.technet.com%2Fb%2Faskds%2Farchive%2Ftags%2FNed%2BPyle%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%20Ned%20%3C%2FA%3E%20here%20again.%20If%20you%20are%20at%20all%20interested%20in%20security%2C%20here%20is%20a%20must-read%3A%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20%3CA%20href%3D%22http%3A%2F%2Fwww.microsoft.com%2Fdownloads%2Fdetails.aspx%3FFamilyID%3Daa6e0660-dc24-4930-affd-e33572ccb91f%26amp%3Bdisplaylang%3Den%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3E%20Microsoft%20Security%20Intelligence%20Report%20volume%206%20(July%20-%20December%202008)%20%3C%2FA%3E%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20This%20covers%20trends%20and%20perspectives%20on%3A%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%3CUL%3E%0A%20%20%20%3CLI%3ESoftware%20vulnerabilities%20(both%20in%20Microsoft%20software%20and%20in%20third-party%20software)%3C%2FLI%3E%0A%20%20%20%3CLI%3ESoftware%20exploits%3C%2FLI%3E%0A%20%20%20%3CLI%3ESecurity%20and%20privacy%20breaches%3C%2FLI%3E%0A%20%20%20%3CLI%3EMalicious%20and%20potentially%20unwanted%20software%3C%2FLI%3E%0A%20%20%20%3CLI%3EE-mail%2C%20spam%2C%20and%20phishing%3C%2FLI%3E%0A%20%20%3C%2FUL%3E%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20It's%20not%20for%20the%20skimmer%20-%20it's%20184%20pages%20of%20very%20detailed%20analysis%2C%20and%20some%20of%20them%20are%20eye-opening.%20Such%20as%20the%20finding%20that%20industry-wide%2C%20roughly%2090%25%20of%20all%20vulnerabilities%20in%20this%20period%20were%20found%20to%20be%20in%20applications%20and%20browsers%2C%20not%20operating%20systems.%20What's%20your%20company's%20application%20patching%20strategy%3F%20What%20about%20your%26nbsp%3Bapplication%20vendors'%20strategy%3F%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20For%20a%20quick%20sum%20up%20read%2C%20check%20out%20the%20smaller%20'Key%20Findings'%20download%2C%20or%20stop%20by%20the%20%3CA%20href%3D%22http%3A%2F%2Fwww.microsoft.com%2Fsecurity%2Fportal%2Fsir.aspx%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3E%20MS%20Malware%20Protection%20%3C%2FA%3E%20portal.%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%3CP%3E-%20Ned%20%22Anti-Social%20Engineering%22%20Pyle%3C%2FP%3E%0A%20%0A%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-396313%22%20slang%3D%22en-US%22%3EFirst%20published%20on%20TechNet%20on%20May%2028%2C%202009%20Ned%20here%20again.%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-396313%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3Einfrastructure%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Ened%20pyle%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESecurity%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Microsoft
First published on TechNet on May 28, 2009
Ned here again. If you are at all interested in security, here is a must-read:

Microsoft Security Intelligence Report volume 6 (July - December 2008)

This covers trends and perspectives on:

  • Software vulnerabilities (both in Microsoft software and in third-party software)
  • Software exploits
  • Security and privacy breaches
  • Malicious and potentially unwanted software
  • E-mail, spam, and phishing


It's not for the skimmer - it's 184 pages of very detailed analysis, and some of them are eye-opening. Such as the finding that industry-wide, roughly 90% of all vulnerabilities in this period were found to be in applications and browsers, not operating systems. What's your company's application patching strategy? What about your application vendors' strategy?

For a quick sum up read, check out the smaller 'Key Findings' download, or stop by the MS Malware Protection portal.

- Ned "Anti-Social Engineering" Pyle