Microsoft reveals top 25 computer security threats

Microsoft says businesses should continue to remain vigilant in protecting their computers against malware attacks and unwanted software, despite new figures which show infection rates are continuing to fall.

The comments come as the company reveals the results of its Security Intelligence Report for the first half of 2009, which show Australia’s average infection rate has improved from 4.7 out of every 1,000 computers to 3.9, compared to the global average of 8.7.

Out of the top security threats, 70% were malware, or “malicious software”, while 30% consisted of “potentially unwanted software”.

But despite the improvements, Microsoft Australia chief security advisor Stuart Strathdee says businesses should continue to practice safe computer use and continually monitor their systems for unwanted software.

“The web is still a difficult place and there are significant challenges in terms of security for doing business. Particularly for start ups and small companies. If you don’t have a lot of money to use on security, then do basic things like turn on automatic updates for Windows. Keep all of your software up-to-date.”

Additionally, Strathdee says businesses must never use administrator accounts to log in to Windows operating systems. Instead, create a separate day-to-day account in order to conduct regular business.

“The two biggest concerns at the moment are rogue security software, and that’s something people need to be careful of. If you see a pop-up on the computer, even if it looks authentic, don’t follow it. Do lots of searching to make sure it’s reputable.”

“For other problems like phishing, make sure you have newer version of browsers because they often have good phishing filters. Change your passwords every couple of months, because malware may have been sitting on your machine for even years, and if you don’t change your password hackers can still control your accounts.”

The report reveals the most prevalent threat to Australian computers are still bugs known as “Trojans”, with the “Renos” bug the most common threat. The bug automatically downloads unwanted software onto computers, and presents warnings that claim the system is infected with spyware. It then offers to rid the computer of software, but can often do major damage.

The second most popular threat in Australia is the “Zango Search Assistant” adware that monitors browsing activity, while the famous “Conficker” bug, which has even managed to infect government computers worldwide, was only 13th on the top list of threats.

Trojans were the most popular threat, followed by Trojan downloaders and droppers, adware and potentially unwanted software. Spyware was only the second most prominent threat.

Strathdee warns businesses to seek help from large security firms if they are unsure if advertised software is safe. “If you do get into trouble, seek professional assistance from a reputable vendor or expert,” he says.

Top 25 threats:
1. Win32/Renos – (56,732 downloads)
2. Win32/ZangoSearchAssistant – 46,266
3. Win32/Alureon – 43,043
4. ASX/Wimad – 27,948
5. Win32/Vundo – 23,352
6. Win32/FakeXPA – 22,867
7. Win32/Zlob – 22,610
8. Win32/ZangoShoppingreports – 21,794
9. Win32/Hotbar – 20,595
10. Win32/Agent – 19,990
11. Win32/Taterf -12,365
12. Win32/Yektel – 11,341
13. Win32/Conficker -10,663
14. Win32/Koobface – 10,625
15. Win32/FakeRean – 10,618
16. Win32/Winwebsec – 10,413
17. Win32/Tibs – 10,373
18. Win32/SeekmoSearchAssistant – 9,555
19. Win32/InternetAntivirus – 9,090
20. Win32/C2Lop Miscellaneous – 7,801
21. Win32/Obfuscator – 5,733
22. Win32/Frethog Password – 5,575
23. Win32/PowerRegScheduler – 5,522
24. Win32/RealVNC – 5,374
25. Win32/Small – 5,108