Volume 5 of the Microsoft Security Intelligence Report is now out, highlights include:
Security vulnerability disclosures - Microsoft and third-party software
Vulnerability Exploits – Microsoft software
Browser-based exploits - Microsoft and third-party software
Security and privacy breaches
Malicious and potentially unwanted software trends
Volume 5 of the SIR also includes a detailed examination of the threat ecosystem which explains how threats propagate across the internet, how users become infected and the resultant impact on privacy and identity theft.
The one item that stood out for me was the move from successfully attacking Microsoft applications and browser objects to attacking and compromising 3rd-party applictions and browser objects.