Microsoft Corp. today released the fourth volume of its Microsoft Security Intelligence Report (SIR) at Infosecurity Europe 2008. The report focuses on the second half of 2007 and uses data derived from a range of tools running on approximately 450 million computers worldwide to provide an in-depth, global view of software vulnerabilities, software exploits, malicious software and potentially unwanted software.

The latest SIR shows the fewest number of security vulnerability disclosures across the software industry since the second half of 2005, along with a rise in malicious and potentially unwanted software, which demonstrates a continued use of malware as a tool for targeting computer users for profit.

More specifically, the second half of 2007 showed a decline in new security vulnerability disclosures by 15 percent and a decrease in total vulnerability disclosures by 5 percent for all of 2007. Vulnerabilities are weaknesses in software that allow an attacker to compromise the integrity, availability or confidentiality of that software. The data also reveals a 300 percent increase in the number of trojan downloaders and droppers — malicious code used to install files on users’ systems — illustrating that the malware category continues to grow in popularity among attackers.