Security Advisor

Microsoft SIR: App Vulnerabilities on the Rise, Key Gen Malware Out of Control

You had a good half year if you were in the business of exploiting application flaws and spreading malware through software key generators.

Microsoft released its bi-annual Security Intelligence Report volume 13 last week.

The massive 147-page document covers security trends, analysis and an overview of the security landscape for the first half of 2012. This in-depth look not only focuses on Microsoft-centric security issues but also doesn't mind pointing out what others are doing wrong.

The theme for the first half of 2012 was the continual rise of the app vulnerability. Attacks that specialized in exploiting application flaws represented 70 percent of all observed attacks.

A good chunk of these were due to the constant troubles found in Java apps. Breaking down the numbers, Java did not have a good second quarter; Microsoft found that 1,494,074 observed computers detected a Java-based exploit in that timeframe. This is a huge jump from 205,613 in the first quarter.

And, no surprise here, most application attacks were caused by users failing to install the latest updates.

Another alarming trend Microsoft observed was the increasing rate at which attackers are using software activation key generators to distribute their evil wares to the unsuspecting. Malware connected to key generators was detected over five million times in the first six months of this year.

"Keygen detections have increased by a factor of 26 since the first half of 2010 and today Keygen is the number one consumer threat family worldwide, rising above other prevalent threat families like Pornpop, Blacole, Conficker and FakePAV," commented Microsoft's Tim Rains, director of the Trustworthy Computing group. "The prevalence of Keygen varies from location to location, however it is listed as a top 10 threat for 103 of the 105 countries/regions studied in SIRv13.  That means Keygen is in the top 10 list of threats for 98% of the locations we provide analysis for in SIRv13."

And the easiest way to hide this key generator malware is in distributed pirated software. Some of the top pirated titles included Adobe Photoshop, Windows OS and Call of Duty.

For those that prefer to obtain their software the legal way, you may want to focus more on the security of your apps instead of looking over your shoulder for keygen malware. And for those nefarious individuals who would rather shop on The Pirate Bay instead of Amazon, hope you think twice every time you need to instigate a full system flush.

This is just a small snippet of Microsoft's findings. Look for more breakouts in future Security Advisor columns.  And for those that can't wait and are looking for a scary story to get into the holiday spirit, the full report can be downloaded here.

What computer threats are you most afraid of? Share your horror stories with me at cpaoli@1105media.com.   

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Reader Comments:

Thu, Oct 18, 2012 Joe USA

Sometimes, we IT professionals are forced to keep old versions of Java around, as old Java versions are needed by 3rd party vertical-market applications that have no replacement. This is a security nightmare, and there is nothing we can do.
