The latest volume of the Microsoft Security Intelligence Report is now available. This volume of the report focuses on the threat landscape in the second half of 2014 when there were some dramatic changes.
The vulnerability disclosure data published in the report suggests that there was a 56.3% increase in vulnerability disclosures between the third and fourth quarters of 2014. After many periods of relatively small changes in disclosure totals, the 4,512 vulnerabilities disclosed during the second half of 2014 is the largest number of vulnerabilities disclosed in any half-year period since the CVE system was launched in 1999. Disclosures of vulnerabilities in applications other than web browsers and operating system applications increased 98.3% in the second half of 2014 and accounted for 76.5% of total disclosures for the period.
Figure 1. Industry wide vulnerability disclosures between the first half of 2012 (1H12) and the second half of 2014 (2H14)
Figure 2. Industry wide operating system, browser, and application vulnerabilities between the first half of 2012 (1H12) and the second half of 2014 (2H14)
Overall, encounters with Java exploits continued to decrease significantly in the second half of 2014, while Flash Player exploit attempts increased.
Figure 3. Trends for the top Java exploits detected and blocked by Microsoft real-time antimalware products in 2014
Figure 4. Adobe Flash Player exploits detected and blocked by Microsoft real-time antimalware products in 2014
Regional threat assessments are available for over 100 countries as well as an online tool that enables you to quickly compare two locations.
Figure 5. Infection and Encounter Rate Trends tool available at www.microsoft.com/security/sir/threat
This post is a copy of the Microsoft June 2015’s Security Newsletter and is copied here to share info with you….
This Document is a must read for Any Security or IT professional