Zero day exploits account for just one per cent of threats

Just one per cent of exploits discovered in the first half of 2011 related to zero day vulnerabilities, proving that simple security best practice such as timely patching would solve the majority of threats, according to the latest Microsoft Security Intelligence Report released on Tuesday.

Presenting the six monthly research at RSA Conference Europe, Microsoft's general manager of Trustworthy Computing, Adrienne Hall, explained that familiar threats including social engineering, brute force attacks and auto run threats continue to make up the largest percentage of attacks.

"Some 99 per cent have existing remediations and updates in place but people are still not doing all they can to protect their systems," she added.

"Less than one per cent were zero day attacks. It is a pressing and concerning attack type but is a very small percentage and we need to bear that in mind."

Hall argued that moving many common enterprise applications including email and CRM into the cloud would help firms reduce their risk level.

"If we move and manage these apps in the cloud then firms can transfer a level of security risk to the cloud provider to allow them to do that for you," she said.

"It also means that large organisations can look at their IT staff and have them focus on innovation rather than managing the risk profile of that organisation."

Knowing that most threats are preventable should focus the minds of IT managers on better user education, in order to guard against social engineering and to improve password security, the report suggested.

Industry-disclosed vulnerabilities are also down by nearly a quarter since 2010, the report found, proving the importance of building security into products and services from the start.

However, despite the low percentage of zero day threats observed in the wild, the effect of just one of these attacks on an organisation can be devastating.

RSA Security is still coming to terms with the breach of its systems by a targeted zero day exploit hidden inside a malicious email attachment, which forced the company to offer all of its customers replacement SecureID tokens and led to at least one defence contractor being attacked.