04-江明灶 中国安全近况概述.pdf

Microsoft Security Intelligence Report Volume 5 –China Findings 微软安全信息报告第五集 – 中国安全 近况概述 江明灶 Meng-Chow Kang, PhD, CISSP, CISA Chief Security Advisor Microsoft Greater China Region This 5th volume of the Security Intelligence Report contains data and trends observed over the past several years, but focuses on the first half of 2008 (1H08) Focuses on Software Vulnerability Disclosures Software Vulnerability Exploits Browser-based Exploits Malicious Software Potentially Unwanted Software Security breaches (privacy) Spam Phishing Threats Special focus sections on: The Threat Eco-system Malware Signed Code Security Researcher Conferences Trustworthy Computing Data sources Software Vulnerability Disclosures Common Vulnerabilities and Exposures Website National Vulnerability Database (NVD) Web site / Security Web sites Vendor Web sites and support sites Trustworthy Computing Data sources Software Exploits Variety of public sources, including exploit archives, antivirus alerts, mailing lists, security related websites Microsoft Security Bulletins /technet/security SecurityFocus Trustworthy Computing Data sources Malicious Software and Potentially Unwanted Software Data from several hundred million computers worldwide MSRT has a user base of hundreds of millions of unique computers worldwide Main Customer Segment Malicious Software Spyware and Potentially Available at Main