The Microsoft Security Intelligence Report (SIR)

I have skimmed through the report and i cant wait to digest it further. It has critical intelligence details about the security architecture aof Microsoft OS, I truly recommend this for ICT security experts.

The report discusses the vulnerabilities discovered in windows in area of adobe applications, java applications, Document parser exploits,HTML and JavaScript exploits in detailed graphs and statistics. The report also touches on malware, Email threats.

For intelligence diggers, the most interesting bit is how the report comprehensively maps about the most affected area, this will help the security admins to determine the level of security required to secure the systems.

Get a copy here! Ket me know your opinion…

About this report
The Microsoft Security Intelligence Report (SIR) focuses on software vulnerabilities, software vulnerability exploits, and malicious and potentially unwanted software. Past reports and related resources are available for download at We hope that readers find the data, insights, and guidance provided in this report useful in helping them protect their organizations, software, and users.

Reporting period
This volume of the Microsoft Security Intelligence Report focuses on the third and fourth quarters of 2012, with trend data for the last several years presented on a quarterly basis. Because vulnerability disclosures can be highly inconsistent from quarter to quarter and often occur disproportionately at certain times of the year, statistics about vulnerability disclosures are presented on a half-yearly basis. Throughout the report, half-yearly and quarterly time periods are referenced using the nHyy or nQyy formats, where yy indicates the calendar year and n indicates the half or quarter. For example, 1H12 represents the first half of 2012 (January 1 through June 30), and 4Q11 represents the fourth quarter of 2011 (October 1 through December 31). To avoid confusion, please note the reporting period or periods being referenced when considering the statistics in this report.

This report uses the Microsoft Malware Protection Center (MMPC) naming standard for families and variants of malware and potentially unwanted software. For information about this standard, see “Microsoft Malware Protection Center Naming Standard” on the MMPC website. In this report, any threat or group of threats sharing a common unique base name is considered a family for the sake of presentation. This includes threats that may not otherwise be considered families according to common industry practices, such as adware programs and generic detections.Infection rates are given using a metric called computers cleaned per mille (CCM), which represents the number of computers cleaned for every 1,000 executions of the MSRT. For example, if the MSRT has 50,000 executions in a particular location in the first quarter of the year and removes infections from 200 computers, the CCM for that location in the first quarter of the year is 4.0 (200 ÷ 50,000 × 1,000). For periods longer than a quarter, the CCM is averaged for all quarters contained in the period.


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s