Microsoft’s new Security Intelligence Report shows that malware attacks on Windows systems are up, with the Stuxnet Shell attack bug being the most popular. Data for this report was taken from the 600 million computers worldwide that run services like Windows Defender and the Microsoft Malicious Software Removal Tool. The report found that vulnerability disclosures increased by more than 9% after over 3,000 bugs were reported between June and December of last year.
The number of attacks on Windows systems around the world jumped to 20% in the second half of last year, showing a 6% increase. Two browser modifiers were responsible for the rise in malware encounters. Although the number of malware attacks is rising, the amount of times attackers are able to successfully infect a device is declining.
Last month, Microsoft revealed that ransomware accounted for only a small fraction of malware that targeted Windows machines. Ransomware disclosures last year were at less than 0.5% but Microsoft says that this type of malware will be on the rise. Additionally, encounters with exploit kits are back on the rise and increased by more than 33%.
According to the report, high severity vulnerability disclosures were up by over 40% in the last half of 2015. Attack vectors for the high severity vulnerabilities were likely third-party Windows applications. Overall vulnerability disclosures increased by 9.4% in the second half of the year, and 50% of those vulnerabilities were considered medium risk.
The increase in malware attacks should be concerning for organizations that store confidential information on Windows devices. Organizations can use the following methods to keep their networks secure:
- Use endpoint software to automatically roll out patch updates. Automatic security updates can keep hackers from exploiting vulnerabilities in older versions of software.
- Apply partitions so employees don’t have access to all networks. By partitioning information, organizations can keep some of their data secure even if a breach occurs.
- Use asset management software to track details of virtual infrastructure and non-IT assets. Asset management software can help IT teams perform regular audits and security checks.
Promisec Endpoint Manager (PEM) is an agentless solution that provides cyber threat detection so organizations won’t have to worry about malware threats. PEM inspects all assets of endpoint assets, and provides extensive context so IT security teams can detect threats before they are able to cause problems for the organization. Microsoft’s report found that devices managed by IT staff are less likely to encounter malware. IT security teams can rely on PEM to immediately show when systems are no longer compliant with organizational security standards. Security teams can also load best practice standards directly into PEM, which allows them to gauge overall endpoint risk. With PEM’s detailed reporting capabilities, IT teams and executives alike can see where their networks are vulnerable and fix any issues before they cause damage.