Microsoft: Conficker still the top corporate network threat

The worm won't go away

Companies are still plagued by the Conficker worm, used to create botnets and spread other forms of malware, according to the latest Microsoft Security Intelligence Report.

In fact the worm is the top threat businesses face, and the report details simple steps that could be taken to curtail it, according to Tim Rains, Microsoft's director of trustworthy computing in a video offering highlights of the report. The full report is scheduled to be released later today.

BACKGROUND: Ukraine disrupts $72M Conficker hacking ring 

On the rise are exploits that are carried out via vulnerabilities in HTML and Java Script, which are up steeply in the second half of 2011, the period covered by the report, Rains says. He did not quantify that jump.

Much of the increase can be blamed on the Black Hole Exploit Kit, he says, which enables the fashioning of attacks that bypass the Java Runtime Environment's sandbox platform that is supposed to isolate attack code from the rest of the host machine. By getting outside the sandbox, attackers can install malicious code remotely.

More: FBI: Investment scams, Black Hole exploit kit lead cybercrime wave

The report also details exploits that target vulnerabilities in document readers and editors, attacks that were up in the fourth quarter of 2011, Rains says.

Industry-wide, software vulnerabilities found in the second half of 2012 were down 10% from the first half of the year, he says. High severity vulnerabilities were down 31% over the same period.

Low complexity vulnerabilities - the easiest to exploit - accounted for 55% of all disclosed vulnerabilities during the report period.

Malware detected in the U.S. remained about the same between the first and second halves of 2011, but it was up 30% in Germany between the third quarter and the fourth quarter, and up 28% in Russia.

Microsoft Security Intelligence Reports are issued twice a year based on data the company collects from more than 600 million systems in 100 countries or regions. It pulls data from scanned Hotmail accounts, Microsoft Security Essentials, its Malicious Software Removal Tool and from Web pages scanned by Microsoft's Bing search.

Tim Greene covers Microsoft for Network World and writes the Mostly Microsoft blog. Reach him at and follow him on Twitter!/Tim_Greene

Read more about wide area network in Network World's Wide Area Network section.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about etworkFBIHotmailLANMicrosoft

Show Comments