


Microsoft Security Intelligence Report 1H07

Oct 23, 2007
Data and Information Security

The third volume of the Microsoft Security Intelligence Report (SIR) is now available for download at: – the link takes you to a summary portal with links to the downloadable document, the upcoming webcasts about the SIR results, and so on.

As one of the primary authors of the vulnerability trends section, I will be hosting one of the webcasts on November 1, 2007; you can register here: Microsoft Security Intelligence Report: Overview of Latest Trends in Vulnerabilities and Malicious Software (Level 100).

If you want to download the report directly as a PDF, click on this link.

There are lots of interesting results (with charts) in the SIR and I encourage you to look through the whole report. However, here are a few of the things I would call out to you.

The number of disclosures of new software vulnerabilities across the industry continues to be in the thousands, with more than 3,400 new vulnerabilities disclosed in 1H07. But this number actually represents a decrease from 2H06, the first period-to-period decline in total vulnerabilities since 2003.


Note, however, another trend shown in the chart: high severity vulnerabilities continue to grow significantly even while the overall total has flattened out. In the full report, you will also see a trend reversal in exploit complexity, which is dropping as well, so a larger share of the new vulnerabilities are easy to exploit.

There are a couple of other interesting results that I want to call out, which you should examine in more detail in the full report:

  • Social engineering plays a growing role in overall malware attack techniques. This is a key result, since even with vulnerability-free software these techniques could still succeed against users of any platform.
  • Based on normalized data, Windows Defender detected potentially unwanted software on computers running Windows Vista at a rate 2.8 times lower than on computers running Windows XP SP2. This is a practical measure of benefit that is, in my opinion, somewhat more valuable than vulnerability comparisons.

That is enough teasers. Download the report at

Regards ~ Jeff

Jeff Jones is a 24-year security industry professional who has spent the last several years at Microsoft helping drive security and privacy progress as part of the Trustworthy Computing group. In this role, Jeff draws upon his security experience to work with enterprise CSOs and Microsoft's internal security teams to drive practical and measurable security improvements into Microsoft processes and products. Prior to Microsoft, Jeff was the vice president of product management for security products at Network Associates, where his responsibilities included the PGP, Gauntlet and CyberCop products and several improvements in the McAfee product line. These latest positions cap a career focused on security, managing risk, building custom firewalls and being involved in DARPA security research projects while part of Trusted Information Systems. Jeff is a frequent global speaker and writer on security topics ranging from the very technical to more high-level, CxO-focused topics such as security TCO and metrics. Jeff is also a contributor to the Microsoft Security Blog and writes on a wide range of personal interests (e.g. books, poker, gaming) at