Microsoft's latest security report has found that Web-based attacks pose the greatest threat to companies, giving credence to efforts to develop alternatives to the browser for accessing the Internet.
Microsoft's latest Security Intelligence Report, released Wednesday, is based on data collected in the last half of 2012 from a billion Windows computers in more than 100 countries. The data was collected through Microsoft's Malicious Software Removal Tool, Microsoft's real-time endpoint protection products, Hotmail accounts and Bing.
A key finding is that browser attacks became the greatest threat to enterprise networks, surpassing Conficker, a computer worm that infected more computers than any other since 2003's Welchia. At its height, the self-propagating malware, which exploits flaws in Windows software, infected millions of computers in homes, businesses and government agencies in more than 200 countries.
The use of iFrames registered a multi-quarter decline until the fourth quarter of last year, when detection rates nearly doubled, Microsoft said. Hackers who embed iFrames in Web pages use them to link to pages that host malware. Seven in 10 threats affecting enterprises were delivered through malicious websites, according to Microsoft.
Attackers have been increasingly targeting the browser over the last couple of years, so it's no surprise that these types of exploits would eventually take the lead. The trend points to the need to develop a different mechanism for interacting with the Web.
While Microsoft remains committed to Internet Explorer, the company is experimenting with a client-side architecture that would replace the browser with a more secure virtualized environment that isolates Web applications. Called Embassies, the technology would have applications run in low-level, native-code containers that would use Internet addresses for all external communications with other applications.
"Reducing the power and access of the browser to the OS is a great way to minimize the attack possibilities of the hacker," said Wolfgang Kandek, chief technology officer for Qualys.
On smartphones and tablets, the browser has become less important because of native apps that connect directly to the Internet, thereby offering a smaller attack surface.
On the PC, companies can bolster browser security by always using the latest version and minimizing the use of plugins, particularly Java and Adobe Reader. Filtering Web browsing through a third-party service that tracks malicious URLs is also recommended, along with user education about Web threats.
The second most popular exploit type involved PDF and Word documents, followed by Java and the Windows operating system, respectively.