Version 17 of Microsoft's intelligence report makes for stark reading, although it does appear that some of the security settings of Windows 8 - which are on by default - are helping users, even if researchers say that more than half of all unprotected Windows 8 PCs are in an unprotected state because they are running expired security software.An expired state, says Microsoft, happens when a trial version of an anti-malware product has reached the end of the trial.
"The product may continue to inform you that you need to pay for the software to continue receiving updates, but it stops downloading updates that protect your PC. This often happens when you buy a PC from an online or local store and that PC is pre-loaded with lots of software," says the analysis, noting that users may be fooled into believing that an anti-malware product is still protecting them even if it hasn't downloaded updates in a while.The data says Microsoft, clearly says otherwise, as when researchers compared the infection rates on PCs with expired anti-malware, they found that infection rates were nearly the same as PCs with no protection.
Delving into the report reveals that malware creators work hard at evading detection by conventional security measures, and attackers place a premium on threats that won't be detected by the most current signature files published by security software vendors.
Because of this, Microsoft says that, in addition to blocking the download of files that are known to be harmful, its Smart Screen Filter technology includes an application reputation feature that warns the user before downloading a program file that is not commonly downloaded.
One of the best ways organisations can protect their users from malicious and compromised websites, says the report, is by mandating the use of web browsers with appropriate protection features built in and by promoting safe browsing practices.Microsoft also asserts that real-time anti-malware software is required on all user devices that connect to the Microsoft corporate network.
To be considered compliant with anti-malware policies and standards, the software giant says that anti-malware software signatures must be no more than six days old, and real-time protection must be enabled.
Interestingly, Microsoft's report notes that customers who upgrade to Office 2013 benefit from a host of significant security improvements.
"Since its release, the Office 2013 suite has been affected by fewer parser vulnerabilities than any other supported version of Office by a large margin," notes the report.
According to Keith Bird, Check Point's UK managing director, Microsoft's report is useful as its highlights that malware attacks are increasing in complexity and persisting on systems.
"Our own 2014 report showed that on average, new malware hits companies six times per hour, and two of those malware variants will not be recognised by the organisation's anti-malware solution, so companies do need to deploy multiple layers of defence to protect themselves against the range of complex attacks," he explained.