The Microsoft Security Intelligence Report measures computer infection rates with a metric called computers cleaned per mile (CCM), which indicates the number of computers cleaned by the Microsoft Malicious Software Removal Tool (MSRT) for every 1,000 computers scanned by the tool. (See page v for more information about the CCM metric.)
Most computers that run the MSRT obtain each monthly release of the tool automatically through a Microsoft update service such as Windows Update. It executes in the background and automatically removes selected prevalent malware families from the computer. Recent releases of the MSRT collect and report details about the state of real-time antimalware software on the computer, if the computerâ€™s administrator has chosen to opt in to provide data to Microsoft. This telemetry makes it possible to analyze security software usage patterns around the world and correlate them with infection rates.
Figure 2. Unprotected computers each month in 2H12.
On average, about 24 percent of computers scanned by the MSRT each month in 2H12 were not running real-time antimalware software or were running out-of-date antimalware software at the time they were scanned (referred to as â€œunprotected computersâ€ in this section). As Figure 3 shows, these computers were significantly more likely to be infected with malware than computers with up-to-date real-time protection (â€œprotected computersâ€).
Figure 3. Infection rates for protected and unprotected computers each month in 2H12
Computers that did not have up-to-date real-time antimalware protection were 5.5 times more likely on average to report malware infections each month than computers that did have protection. The CCM for unprotected computers ranged from 11.6 to 13.6, and the CCM for protected computers ranged from 1.4 to 3.8.