Zero day threats overblown claims Microsoft

Microsoft’s Security Intelligence Report says that the problem of zero-day vulnerabilities is overblown.

Volish researchers looked at data from more than 600 million systems in more than 100 countries and came to the conclusion that less than one percent of exploits worldwide were against zero-day vulnerabilities.

In fact 99 percent of attacks in the first half of 2011 distributed malware through social engineering and vulnerabilities for which updates or a “patch” exist.

The conclusion was that cyber criminals appeared less interested in finding new holes in software and were targeting old vulnerabilities. Vole worked out that 90 percent of vulnerabilities exploited had security updates or “patches” available for more than a year.

Of course today’s zero day vulnerabilities are tomorrow’s old vulnerabilities, but Microsoft thinks it has a point when the press gets all hysterical about a new zero day vulnerability.

Instead we should all be worried that the people are behind with their patches and virus checking updates.

According to the report, the zero-day vulnerability is especially alarming for consumers and IT professionals because it combines fear of the unknown and an inability to fix the vulnerability, which leaves users and administrators feeling defenseless.

“It’s no surprise that zero-day vulnerabilities often receive considerable coverage in the press when they arise, and can be treated with the utmost level of urgency by the affected vendor and the vendors’ customers,” the report says.

Vole points out that some small-scale, targeted attacks using zero-day exploits may escape detection and not be included in the final figures. Is it just me, but wouldn’t Zero Day be a great  name for a band?