Security events: zero-day exploits

The threat from so called zero-day vulnerabilities has been overblown, according to a new report which may be of interest to people attending security events.

The eleventh volume of Microsoft's Security Intelligence Report found that more than a third of malware detections were down to malicious software that misused the AutoRun feature in Windows.

This was split between those malwares that were spread through removable storage and those spread through network volumes.

It also found that six per cent of the threats detected by the malicious software removal tool (MSRT) were because of exploits, or malicious code that attempts to exploit vulnerabilities in applications or operating systems.

However, of these exploits less than one per cent was caused by zero-day exploit activity.

Marcus Evans presents security events, created by experienced professionals and with information presented by industry experts.