Microsoft Security Intelligence Report

Welcome to the interactive Microsoft Security Intelligence Report. We created this site as a complement to our annual report to enable you to dig into the data in more detail.

Some key highlighted takeaways may differ from the written report as we add new data monthly. Come back and visit often to check in on the latest security trends.

For a deeper assessment and recommendations on how to protect against threats, download the Microsoft Security Intelligence Report at www.microsoft.com/sir.

Drive-by download pages

A drive-by download (DBD) is an unintentional download of malicious code to an unsuspecting user’s computer when they visit a web site. The malicious code could be used to exploit vulnerabilities in web browsers, browser add-ons, applications, and the operating system. Users can be infected with malware simply by visiting a website, even without attempting to download anything. In our research, we track drive-by downloads that affect web browser vulnerabilities.

Drive-by downloads can be hosted on legitimate websites. Attackers gain access to legitimate sites through intrusion or by posting malicious code to a poorly secured web form, like a comment field on a blog. It can be difficult for even an experienced user to identify a compromised site from a list of search results. More advanced drive-by download campaigns can also install ransomware or even cryptocurrency mining software on a victim machine.

The graph and map on the right show the monthly average volume of drive-by download pages detected for every 1,000 pages indexed by Bing (search engine) for the timeframe and country/countries selected. Toggle between Worldwide and Country Comparison for a detailed view of the countries you’ve selected.


Next section

Click to interact with Drive-by download dashboard
Click to interact with dashboard