Security Report Analysis: Microsoft Security Intelligence Report H2-2015


In this Security Report Analysis (SRA) series I look at various security reports and pull out the main points.

This doesn’t replace a complete and detailed read of these reports, but at least you’ll get exposed to some of the key takeaways that you might not otherwise have seen.

Key points

  • A group code-named PLATINUM has been targeting victims in South and Southeast Asia since around 2009. The group uses unmatched vulnerabilities, spear-phishing, and has the ability to create 0-Day and the exploit tools to use them

  • Vulnerability disclosures have trended up in recent years

  • Exploit kits accounted for four of the 10 most common exploits of the second half of 2015

  • Computers that were protected were 3 to 6 times less likely to be infected with malware


  • They talked about Microsoft’s solutions to identity security

  • Then they talked about Microsoft’s solution to email spoofing

  • Not a fan of sales pitches in these types of reports

  • More advertising deeper in the report


  • Don’t like that they don’t have key themes or key points the way the Verizon reports do

  • Definitely need less advertising

  • These reports should be gifts to the community, and the only advertising should be the branding


  1. While this capture can be helpful, I suggest reading the whole report for full context. The writing was remarkably easy to move through.

Related posts: