moving directories

windows/security/threat-protection/intelligence/TOC.md

@@ -1,47 +1,47 @@
-# [Understand malware & other threats](index.md)
+# [Understand malware & other threats](index.md)
-
+
-## [Prevent malware infection](prevent-malware-infection.md)
+## [Prevent malware infection](prevent-malware-infection.md)
-
+
-## [Malware names](malware-naming.md)
+## [Malware names](malware-naming.md)
-
+
-## [Coin miners](coinminer-malware.md)
+## [Coin miners](coinminer-malware.md)
-
+
-## [Exploits and exploit kits](exploits-malware.md)
+## [Exploits and exploit kits](exploits-malware.md)
-
+
-## [Macro malware](macro-malware.md)
+## [Macro malware](macro-malware.md)
-
+
-## [Phishing](phishing.md)
+## [Phishing](phishing.md)
-
+
-## [Ransomware](ransomware-malware.md)
+## [Ransomware](ransomware-malware.md)
-
+
-## [Rootkits](rootkits-malware.md)
+## [Rootkits](rootkits-malware.md)
-
+
-## [Supply chain attacks](supply-chain-malware.md)
+## [Supply chain attacks](supply-chain-malware.md)
-
+
-## [Tech support scams](support-scams.md)
+## [Tech support scams](support-scams.md)
-
+
-## [Trojans](trojans-malware.md)
+## [Trojans](trojans-malware.md)
-
+
-## [Unwanted software](unwanted-software.md)
+## [Unwanted software](unwanted-software.md)
-
+
-## [Worms](worms-malware.md)
+## [Worms](worms-malware.md)
-
+
-# [How Microsoft identifies malware and PUA](criteria.md)
+# [How Microsoft identifies malware and PUA](criteria.md)
-
+
-# [Submit files for analysis](submission-guide.md)
+# [Submit files for analysis](submission-guide.md)
-
+
-# [Safety Scanner download](safety-scanner-download.md)
+# [Safety Scanner download](safety-scanner-download.md)
-
+
-# [Industry collaboration programs](cybersecurity-industry-partners.md)
+# [Industry collaboration programs](cybersecurity-industry-partners.md)
-
+
-## [Virus information alliance](virus-information-alliance-criteria.md)
+## [Virus information alliance](virus-information-alliance-criteria.md)
-
+
-## [Microsoft virus initiative](virus-initiative-criteria.md)
+## [Microsoft virus initiative](virus-initiative-criteria.md)
-
+
-## [Coordinated malware eradication](coordinated-malware-eradication.md)
+## [Coordinated malware eradication](coordinated-malware-eradication.md)
-
+
-# [Information for developers](developer-info.md)
+# [Information for developers](developer-info.md)
-
+
-## [Software developer FAQ](developer-faq.md)
+## [Software developer FAQ](developer-faq.md)
-
+
-## [Software developer resources](developer-resources.md)
+## [Software developer resources](developer-resources.md)

windows/security/threat-protection/intelligence/coordinated-malware-eradication.md

@@ -1,35 +1,35 @@
----
+---
-title: Coordinated Malware Eradication
+title: Coordinated Malware Eradication
-description: Information and criteria regarding CME
+description: Information and criteria regarding CME
-keywords: security, malware
+keywords: security, malware
-ms.prod: w10
+ms.prod: w10
-ms.mktglfcycl: secure
+ms.mktglfcycl: secure
-ms.sitesec: library
+ms.sitesec: library
-ms.localizationpriority: medium
+ms.localizationpriority: medium
-ms.author: ellevin
+ms.author: ellevin
-author: levinec
+author: levinec
-ms.date: 07/12/2018
+ms.date: 07/12/2018
----
+---
-# Coordinated Malware Eradication
+# Coordinated Malware Eradication
-
+
-![coordinated-malware-eradication](images/CoordinatedMalware.png)
+![coordinated-malware-eradication](images/CoordinatedMalware.png)
-
+
-Coordinated Malware Eradication (CME) aims to bring organizations in cybersecurity and in other industries together to change the game against malware. While the cybersecurity industry today is effective at disrupting malware families through individual efforts, those disruptions rarely lead to eradication since malware authors quickly adapt their tactics to survive.
+Coordinated Malware Eradication (CME) aims to bring organizations in cybersecurity and in other industries together to change the game against malware. While the cybersecurity industry today is effective at disrupting malware families through individual efforts, those disruptions rarely lead to eradication since malware authors quickly adapt their tactics to survive.
-
+
-CME calls for organizations to pool their tools, information and actions to drive coordinated campaigns against malware. The ultimate goal is to drive efficient and long lasting results for better protection of our collective communities, customers, and businesses.
+CME calls for organizations to pool their tools, information and actions to drive coordinated campaigns against malware. The ultimate goal is to drive efficient and long lasting results for better protection of our collective communities, customers, and businesses.
-
+
-## Combining our tools, information, and actions
+## Combining our tools, information, and actions
-
+
-Diversity of participation across industries and disciplines, extending beyond cybersecurity, makes eradication campaigns even stronger across the malware lifecycle. For instance, while security vendors, computer emergency response/readiness teams (CERTs), and Internet service providers (ISPs) can contribute with malware telemetry, online businesses can identify fraudulent behavior and law enforcement agencies can drive legal action.
+Diversity of participation across industries and disciplines, extending beyond cybersecurity, makes eradication campaigns even stronger across the malware lifecycle. For instance, while security vendors, computer emergency response/readiness teams (CERTs), and Internet service providers (ISPs) can contribute with malware telemetry, online businesses can identify fraudulent behavior and law enforcement agencies can drive legal action.
-
+
-In addition to telemetry and analysis data, Microsoft is planning to contribute cloud-based scalable storage and computing horsepower with the necessary big data analysis tools built-in to these campaigns.
+In addition to telemetry and analysis data, Microsoft is planning to contribute cloud-based scalable storage and computing horsepower with the necessary big data analysis tools built-in to these campaigns.
-
+
-## Coordinated campaigns for lasting results
+## Coordinated campaigns for lasting results
-
+
-Organizations participating in the CME effort work together to help eradicate selected malware families by contributing their own telemetry data, expertise, tools, and other resources. These organizations operate under a campaign umbrella with clearly defined end goals and metrics. Any organization or member can initiate a campaign and invite others to join it. The members then have the option to accept or decline the invitations they receive.
+Organizations participating in the CME effort work together to help eradicate selected malware families by contributing their own telemetry data, expertise, tools, and other resources. These organizations operate under a campaign umbrella with clearly defined end goals and metrics. Any organization or member can initiate a campaign and invite others to join it. The members then have the option to accept or decline the invitations they receive.
-
+
-## Join the effort
+## Join the effort
-
+
-Any organization that is involved in cybersecurity and antimalware or interested in fighting cybercrime can participate in CME campaigns by enrolling in the [Virus Information Alliance (VIA) program](virus-information-alliance-criteria.md). It ensures that everyone agrees to use the information and tools available for campaigns for their intended purpose (that is, the eradication of malware).
+Any organization that is involved in cybersecurity and antimalware or interested in fighting cybercrime can participate in CME campaigns by enrolling in the [Virus Information Alliance (VIA) program](virus-information-alliance-criteria.md). It ensures that everyone agrees to use the information and tools available for campaigns for their intended purpose (that is, the eradication of malware).
-
+
 Please apply using our [membership application form](http://www.microsoft.com/security/portal/partnerships/apply.aspx) to get started.

windows/security/threat-protection/intelligence/cybersecurity-industry-partners.md

@@ -1,39 +1,39 @@
----
+---
-title: Industry collaboration programs
+title: Industry collaboration programs
-description: Describing the 3 industry collaboration programs
+description: Describing the 3 industry collaboration programs
-keywords: security, malware
+keywords: security, malware
-ms.prod: w10
+ms.prod: w10
-ms.mktglfcycl: secure
+ms.mktglfcycl: secure
-ms.sitesec: library
+ms.sitesec: library
-ms.localizationpriority: medium
+ms.localizationpriority: medium
-ms.author: ellevin
+ms.author: ellevin
-author: levinec
+author: levinec
-ms.date: 07/12/2018
+ms.date: 07/12/2018
----
+---
-# Industry collaboration programs
+# Industry collaboration programs
-
+
-Microsoft has several industry-wide collaboration programs with different objectives and requirements. Enrolling in the right program can help you protect your customers, gain more insight into the current threat landscape, or assist in disrupting the malware ecosystem.
+Microsoft has several industry-wide collaboration programs with different objectives and requirements. Enrolling in the right program can help you protect your customers, gain more insight into the current threat landscape, or assist in disrupting the malware ecosystem.
-
+
-## Virus Information Alliance (VIA)
+## Virus Information Alliance (VIA)
-
+
-The VIA program gives members access to information that will help improve protection for Microsoft customers. Malware telemetry and samples can be provided to security teams to help identify gaps in their protection, prioritize new threat coverage, or better respond to threats.
+The VIA program gives members access to information that will help improve protection for Microsoft customers. Malware telemetry and samples can be provided to security teams to help identify gaps in their protection, prioritize new threat coverage, or better respond to threats.
-
+
-**You must be a member of VIA if you want to apply for membership to the other programs.**
+**You must be a member of VIA if you want to apply for membership to the other programs.**
-
+
-Go to the [VIA program page](virus-information-alliance-criteria.md) for more information.
+Go to the [VIA program page](virus-information-alliance-criteria.md) for more information.
-
+
-## Microsoft Virus Initiative (MVI)
+## Microsoft Virus Initiative (MVI)
-
+
-MVI is open to organizations who build and own a Real Time Protection (RTP) antimalware product of their own design, or one developed using a third-party antivirus SDK.
+MVI is open to organizations who build and own a Real Time Protection (RTP) antimalware product of their own design, or one developed using a third-party antivirus SDK.
-
+
-Members get access to Microsoft client APIs for the Windows Defender Security Center, IOAV, AMSI, and Cloud Files, along with health data and other telemetry to help their customers stay protected. Antimalware products are submitted to Microsoft for performance testing on a regular basis.
+Members get access to Microsoft client APIs for the Windows Defender Security Center, IOAV, AMSI, and Cloud Files, along with health data and other telemetry to help their customers stay protected. Antimalware products are submitted to Microsoft for performance testing on a regular basis.
-
+
-Go to the [MVI program page](virus-initiative-criteria.md) for more information.
+Go to the [MVI program page](virus-initiative-criteria.md) for more information.
-
+
-## Coordinated Malware Eradication (CME)
+## Coordinated Malware Eradication (CME)
-
+
-CME is open to organizations who are involved in cybersecurity and antimalware or interested in fighting cybercrime.
+CME is open to organizations who are involved in cybersecurity and antimalware or interested in fighting cybercrime.
-
+
-The program aims to bring organizations in cybersecurity and other industries together to pool tools, information and actions to drive coordinated campaigns against malware. The ultimate goal is to create efficient and long-lasting results for better protection of our collective communities, customers, and businesses.
+The program aims to bring organizations in cybersecurity and other industries together to pool tools, information and actions to drive coordinated campaigns against malware. The ultimate goal is to create efficient and long-lasting results for better protection of our collective communities, customers, and businesses.
-
+
 Go to the [CME program page](coordinated-malware-eradication.md) for more information.

windows/security/threat-protection/intelligence/index.md

@@ -1,39 +1,39 @@
----
+---
-title: Understand malware & other threats
+title: Understand malware & other threats
-description: Learn about the different types of malware, how they work, and what you can do to protect yourself.
+description: Learn about the different types of malware, how they work, and what you can do to protect yourself.
-keywords: security, malware
+keywords: security, malware
-ms.prod: w10
+ms.prod: w10
-ms.mktglfcycl: secure
+ms.mktglfcycl: secure
-ms.sitesec: library
+ms.sitesec: library
-ms.localizationpriority: medium
+ms.localizationpriority: medium
-ms.author: ellevin
+ms.author: ellevin
-author: levinec
+author: levinec
-ms.date: 08/17/2018
+ms.date: 08/17/2018
----
+---
-# Understanding  malware & other threats
+# Understanding  malware & other threats
-
+
-Malware is a term used to describe malicious applications and code that can cause damage and disrupt normal use of devices. Malware can allow unauthorized access, use system resources, steal passwords, lock you out of your computer and ask for ransom, and more.
+Malware is a term used to describe malicious applications and code that can cause damage and disrupt normal use of devices. Malware can allow unauthorized access, use system resources, steal passwords, lock you out of your computer and ask for ransom, and more.
-
+
-Cybercriminals that distribute malware are often motivated by money and will use infected computers to launch attacks, obtain banking credentials, collect information that can be sold, sell access to computing resources, or extort payment from victims.
+Cybercriminals that distribute malware are often motivated by money and will use infected computers to launch attacks, obtain banking credentials, collect information that can be sold, sell access to computing resources, or extort payment from victims.
-
+
-As criminals become more sophisticated with their attacks, Microsoft is here to help. Windows 10 is the most secure version of Windows yet and includes many features to help protect you whether you're at home, at work, or on the go. With Windows Defender Advanced Threat Protection (Windows Defender ATP), businesses can stay protected with next-generation protection and other security capabilities.
+As criminals become more sophisticated with their attacks, Microsoft is here to help. Windows 10 is the most secure version of Windows yet and includes many features to help protect you whether you're at home, at work, or on the go. With Windows Defender Advanced Threat Protection (Windows Defender ATP), businesses can stay protected with next-generation protection and other security capabilities.
-
+
-For good general tips, check out the [prevent malware infection](prevent-malware-infection.md) topic.
+For good general tips, check out the [prevent malware infection](prevent-malware-infection.md) topic.
-
+
-There are many types of malware, including:
+There are many types of malware, including:
-
+
-- [Coin miners](coinminer-malware.md)
+- [Coin miners](coinminer-malware.md)
-- [Exploits and exploit kits](exploits-malware.md)
+- [Exploits and exploit kits](exploits-malware.md)
-- [Macro malware](macro-malware.md)
+- [Macro malware](macro-malware.md)
-- [Phishing](phishing.md)
+- [Phishing](phishing.md)
-- [Ransomware](ransomware-malware.md)
+- [Ransomware](ransomware-malware.md)
-- [Rootkits](rootkits-malware.md)
+- [Rootkits](rootkits-malware.md)
-- [Supply chain attacks](supply-chain-malware.md)
+- [Supply chain attacks](supply-chain-malware.md)
-- [Tech support scams](support-scams.md)
+- [Tech support scams](support-scams.md)
-- [Trojans](trojans-malware.md)
+- [Trojans](trojans-malware.md)
-- [Unwanted software](unwanted-software.md)
+- [Unwanted software](unwanted-software.md)
-- [Worms](worms-malware.md)
+- [Worms](worms-malware.md)
-
+
-Keep up with the latest malware news and research. Check out our [Windows security blogs](http://aka.ms/wdsecurityblog) and follow us on [Twitter](https://twitter.com/wdsecurity) for the latest news, discoveries, and protections.
+Keep up with the latest malware news and research. Check out our [Windows security blogs](http://aka.ms/wdsecurityblog) and follow us on [Twitter](https://twitter.com/wdsecurity) for the latest news, discoveries, and protections.
-
+
 Learn more about [Windows security](https://docs.microsoft.com/en-us/windows/security/index).

windows/security/threat-protection/intelligence/malware-naming.md

@@ -1,176 +1,176 @@
----
+---
-title: Malware names
+title: Malware names
-description: Identifying malware vocabulary
+description: Identifying malware vocabulary
-keywords: security, malware, names
+keywords: security, malware, names
-ms.prod: w10
+ms.prod: w10
-ms.mktglfcycl: secure
+ms.mktglfcycl: secure
-ms.sitesec: library
+ms.sitesec: library
-ms.localizationpriority: medium
+ms.localizationpriority: medium
-ms.author: ellevin
+ms.author: ellevin
-author: levinec
+author: levinec
-ms.date: 08/17/2018
+ms.date: 08/17/2018
----
+---
-# Malware names
+# Malware names
-
+
-We name the malware and unwanted software that we detect according to the Computer Antivirus Research Organization (CARO) malware naming scheme. The scheme uses the following format:
+We name the malware and unwanted software that we detect according to the Computer Antivirus Research Organization (CARO) malware naming scheme. The scheme uses the following format:
-
+
-![coordinated-malware-eradication](images/NamingMalware1.png)
+![coordinated-malware-eradication](images/NamingMalware1.png)
-
+
-When our analysts research a particular threat, they will determine what each of the components of the name will be.
+When our analysts research a particular threat, they will determine what each of the components of the name will be.
-
+
-## Type
+## Type
-
+
-Describes what the malware does on your computer. Worms, viruses, trojans, backdoors, and ransomware are some of the most common types of malware.
+Describes what the malware does on your computer. Worms, viruses, trojans, backdoors, and ransomware are some of the most common types of malware.
-
+
-* Adware
+* Adware
-* Backdoor
+* Backdoor
-* Behavior
+* Behavior
-* BrowserModifier
+* BrowserModifier
-* Constructor
+* Constructor
-* DDoS
+* DDoS
-* Exploit
+* Exploit
-* Hacktool
+* Hacktool
-* Joke
+* Joke
-* Misleading
+* Misleading
-* MonitoringTool
+* MonitoringTool
-* Program
+* Program
-* PWS
+* PWS
-* Ransom
+* Ransom
-* RemoteAccess
+* RemoteAccess
-* Rogue
+* Rogue
-* SettingsModifier
+* SettingsModifier
-* SoftwareBundler
+* SoftwareBundler
-* Spammer
+* Spammer
-* Spoofer
+* Spoofer
-* Spyware
+* Spyware
-* Tool
+* Tool
-* Trojan
+* Trojan
-* TrojanClicker
+* TrojanClicker
-* TrojanDownloader
+* TrojanDownloader
-* TrojanNotifier
+* TrojanNotifier
-* TrojanProxy
+* TrojanProxy
-* TrojanSpy
+* TrojanSpy
-* VirTool
+* VirTool
-* Virus
+* Virus
-* Worm
+* Worm
-
+
-## Platforms
+## Platforms
-
+
-Indicates the operating system (such as Windows, Mac OS X, and Android) that the malware is designed to work on. The platform is also used to indicate programming languages and file formats.
+Indicates the operating system (such as Windows, Mac OS X, and Android) that the malware is designed to work on. The platform is also used to indicate programming languages and file formats.
-
+
-### Operating systems
+### Operating systems
-
+
-* AndroidOS: Android operating system
+* AndroidOS: Android operating system
-* DOS: MS-DOS platform
+* DOS: MS-DOS platform
-* EPOC: Psion devices
+* EPOC: Psion devices
-* FreeBSD: FreeBSD platform
+* FreeBSD: FreeBSD platform
-* iPhoneOS: iPhone operating system
+* iPhoneOS: iPhone operating system
-* Linux: Linux platform
+* Linux: Linux platform
-* MacOS: MAC 9.x platform or earlier
+* MacOS: MAC 9.x platform or earlier
-* MacOS_X: MacOS X or later
+* MacOS_X: MacOS X or later
-* OS2: OS2 platform
+* OS2: OS2 platform
-* Palm: Palm operating system
+* Palm: Palm operating system
-* Solaris: System V-based Unix platforms
+* Solaris: System V-based Unix platforms
-* SunOS: Unix platforms 4.1.3 or lower
+* SunOS: Unix platforms 4.1.3 or lower
-* SymbOS: Symbian operating system
+* SymbOS: Symbian operating system
-* Unix: general Unix platforms
+* Unix: general Unix platforms
-* Win16: Win16 (3.1) platform
+* Win16: Win16 (3.1) platform
-* Win2K: Windows 2000 platform
+* Win2K: Windows 2000 platform
-* Win32: Windows 32-bit platform
+* Win32: Windows 32-bit platform
-* Win64: Windows 64-bit platform
+* Win64: Windows 64-bit platform
-* Win95: Windows 95, 98 and ME platforms
+* Win95: Windows 95, 98 and ME platforms
-* Win98: Windows 98 platform only
+* Win98: Windows 98 platform only
-* WinCE: Windows CE platform
+* WinCE: Windows CE platform
-* WinNT: WinNT
+* WinNT: WinNT
-
+
-### Scripting languages
+### Scripting languages
-
+
-* ABAP: Advanced Business Application Programming scripts
+* ABAP: Advanced Business Application Programming scripts
-* ALisp: ALisp scripts
+* ALisp: ALisp scripts
-* AmiPro: AmiPro script
+* AmiPro: AmiPro script
-* ANSI: American National Standards Institute scripts
+* ANSI: American National Standards Institute scripts
-* AppleScript: compiled Apple scripts
+* AppleScript: compiled Apple scripts
-* ASP: Active Server Pages scripts
+* ASP: Active Server Pages scripts
-* AutoIt: AutoIT scripts
+* AutoIt: AutoIT scripts
-* BAS: Basic scripts
+* BAS: Basic scripts
-* BAT: Basic scripts
+* BAT: Basic scripts
-* CorelScript: Corelscript scripts
+* CorelScript: Corelscript scripts
-* HTA: HTML Application scripts
+* HTA: HTML Application scripts
-* HTML: HTML Application scripts
+* HTML: HTML Application scripts
-* INF: Install scripts
+* INF: Install scripts
-* IRC: mIRC/pIRC scripts
+* IRC: mIRC/pIRC scripts
-* Java: Java binaries (classes)
+* Java: Java binaries (classes)
-* JS: Javascript scripts
+* JS: Javascript scripts
-* LOGO: LOGO scripts
+* LOGO: LOGO scripts
-* MPB: MapBasic scripts
+* MPB: MapBasic scripts
-* MSH: Monad shell scripts
+* MSH: Monad shell scripts
-* MSIL: .Net intermediate language scripts
+* MSIL: .Net intermediate language scripts
-* Perl: Perl scripts
+* Perl: Perl scripts
-* PHP: Hypertext Preprocessor scripts
+* PHP: Hypertext Preprocessor scripts
-* Python: Python scripts
+* Python: Python scripts
-* SAP: SAP platform scripts
+* SAP: SAP platform scripts
-* SH: Shell scripts
+* SH: Shell scripts
-* VBA: Visual Basic for Applications scripts
+* VBA: Visual Basic for Applications scripts
-* VBS: Visual Basic scripts
+* VBS: Visual Basic scripts
-* WinBAT: Winbatch scripts
+* WinBAT: Winbatch scripts
-* WinHlp: Windows Help scripts
+* WinHlp: Windows Help scripts
-* WinREG: Windows registry scripts
+* WinREG: Windows registry scripts
-
+
-### Macros
+### Macros
-
+
-* A97M: Access 97, 2000, XP, 2003, 2007, and 2010 macros
+* A97M: Access 97, 2000, XP, 2003, 2007, and 2010 macros
-* HE: macro scripting
+* HE: macro scripting
-* O97M: Office 97, 2000, XP, 2003, 2007, and 2010 macros - those that affect Word, Excel, and Powerpoint
+* O97M: Office 97, 2000, XP, 2003, 2007, and 2010 macros - those that affect Word, Excel, and Powerpoint
-* PP97M: PowerPoint 97, 2000, XP, 2003, 2007, and 2010 macros
+* PP97M: PowerPoint 97, 2000, XP, 2003, 2007, and 2010 macros
-* V5M: Visio5 macros
+* V5M: Visio5 macros
-* W1M: Word1Macro
+* W1M: Word1Macro
-* W2M: Word2Macro
+* W2M: Word2Macro
-* W97M: Word 97, 2000, XP, 2003, 2007, and 2010 macros
+* W97M: Word 97, 2000, XP, 2003, 2007, and 2010 macros
-* WM: Word 95 macros
+* WM: Word 95 macros
-* X97M: Excel 97, 2000, XP, 2003, 2007, and 2010 macros
+* X97M: Excel 97, 2000, XP, 2003, 2007, and 2010 macros
-* XF: Excel formulas
+* XF: Excel formulas
-* XM: Excel 95 macros
+* XM: Excel 95 macros
-
+
-### Other file types
+### Other file types
-
+
-* ASX: XML metafile of Windows Media .asf files
+* ASX: XML metafile of Windows Media .asf files
-* HC: HyperCard Apple scripts
+* HC: HyperCard Apple scripts
-* MIME: MIME packets
+* MIME: MIME packets
-* Netware: Novell Netware files
+* Netware: Novell Netware files
-* QT: Quicktime files
+* QT: Quicktime files
-* SB: StarBasic (Staroffice XML) files
+* SB: StarBasic (Staroffice XML) files
-* SWF: Shockwave Flash files
+* SWF: Shockwave Flash files
-* TSQL: MS SQL server files
+* TSQL: MS SQL server files
-* XML: XML files
+* XML: XML files
-
+
-## Family
+## Family
-
+
-Grouping of malware based on common characteristics, including attribution to the same authors. Security software providers sometimes use different names for the same malware family.
+Grouping of malware based on common characteristics, including attribution to the same authors. Security software providers sometimes use different names for the same malware family.
-
+
-## Variant letter
+## Variant letter
-
+
-Used sequentially for every distinct version of a malware family. For example, the detection for the variant ".AF" would have been created after the detection for the variant ".AE".
+Used sequentially for every distinct version of a malware family. For example, the detection for the variant ".AF" would have been created after the detection for the variant ".AE".
-
+
-## Suffixes
+## Suffixes
-
+
-Provides extra detail about the malware, including how it is used as part of a multicomponent threat. In the example above, "!lnk" indicates that the threat component is a shortcut file used by Trojan:Win32/Reveton.T.
+Provides extra detail about the malware, including how it is used as part of a multicomponent threat. In the example above, "!lnk" indicates that the threat component is a shortcut file used by Trojan:Win32/Reveton.T.
-
+
-* .dam: damaged malware
+* .dam: damaged malware
-* .dll: Dynamic Link Library component of a malware
+* .dll: Dynamic Link Library component of a malware
-* .dr: dropper component of a malware
+* .dr: dropper component of a malware
-* .gen: malware that is detected using a generic signature
+* .gen: malware that is detected using a generic signature
-* .kit: virus constructor
+* .kit: virus constructor
-* .ldr: loader component of a malware
+* .ldr: loader component of a malware
-* .pak: compressed malware
+* .pak: compressed malware
-* .plugin: plug-in component
+* .plugin: plug-in component
-* .remnants: remnants of a virus
+* .remnants: remnants of a virus
-* .worm: worm component of that malware
+* .worm: worm component of that malware
-* !bit: an internal category used to refer to some threats
+* !bit: an internal category used to refer to some threats
-* !cl: an internal category used to refer to some threats
+* !cl: an internal category used to refer to some threats
-* !dha: an internal category used to refer to some threats
+* !dha: an internal category used to refer to some threats
-* !pfn: an internal category used to refer to some threats
+* !pfn: an internal category used to refer to some threats
-* !plock: an internal category used to refer to some threats
+* !plock: an internal category used to refer to some threats
-* !rfn: an internal category used to refer to some threats
+* !rfn: an internal category used to refer to some threats
-* !rootkit: rootkit component of that malware
+* !rootkit: rootkit component of that malware
-* @m: worm mailers
+* @m: worm mailers
 * @mm: mass mailer worm

windows/security/threat-protection/intelligence/prevent-malware-infection.md

@@ -1,117 +1,117 @@
----
+---
-title: Prevent malware infection
+title: Prevent malware infection
-description: Malware prevention best practices
+description: Malware prevention best practices
-keywords: security, malware, prevention, infection, tips
+keywords: security, malware, prevention, infection, tips
-ms.prod: w10
+ms.prod: w10
-ms.mktglfcycl: secure
+ms.mktglfcycl: secure
-ms.sitesec: library
+ms.sitesec: library
-ms.localizationpriority: medium
+ms.localizationpriority: medium
-ms.author: ellevin
+ms.author: ellevin
-author: levinec
+author: levinec
-ms.date: 08/17/2018
+ms.date: 08/17/2018
----
+---
-# Prevent malware infection
+# Prevent malware infection
-
+
-Malware authors are always looking for new ways to infect computers. Follow the simple tips below to stay protected and minimize threats to your data and accounts.
+Malware authors are always looking for new ways to infect computers. Follow the simple tips below to stay protected and minimize threats to your data and accounts.
-
+
-You can also browse the many [software and application solutions](https://review.docs.microsoft.com/en-us/windows/security/intelligence/prevent-malware-infection?branch=wdsi-migration-stuff#software-solutions) available to you.
+You can also browse the many [software and application solutions](https://review.docs.microsoft.com/en-us/windows/security/intelligence/prevent-malware-infection?branch=wdsi-migration-stuff#software-solutions) available to you.
-
+
-## Keep software up-to-date
+## Keep software up-to-date
-
+
-[Exploits](exploits-malware.md) typically use vulnerabilities in popular software such as web browsers, Java, Adobe Flash Player, and Microsoft Office to infect devices. Software updates patch vulnerabilities so they aren't available to exploits anymore.
+[Exploits](exploits-malware.md) typically use vulnerabilities in popular software such as web browsers, Java, Adobe Flash Player, and Microsoft Office to infect devices. Software updates patch vulnerabilities so they aren't available to exploits anymore.
-
+
-To keep Microsoft software up to date, ensure that [automatic Microsoft Updates](https://support.microsoft.com/help/12373/windows-update-faq) are enabled. Also, upgrade to the latest version of Windows to benefit from a host of built-in security enhancements.
+To keep Microsoft software up to date, ensure that [automatic Microsoft Updates](https://support.microsoft.com/help/12373/windows-update-faq) are enabled. Also, upgrade to the latest version of Windows to benefit from a host of built-in security enhancements.
-
+
-## Be wary of links and attachments
+## Be wary of links and attachments
-
+
-Email and other messaging tools are a few of the most common ways your device can get infected. Attachments or links in messages can open malware directly or can stealthily trigger a download. Some emails will give instructions to allow macros or other executable content designed to make it easier for malware to infect your devices.
+Email and other messaging tools are a few of the most common ways your device can get infected. Attachments or links in messages can open malware directly or can stealthily trigger a download. Some emails will give instructions to allow macros or other executable content designed to make it easier for malware to infect your devices.
-
+
-* Use an email service that provides protection against malicious attachments, links, and abusive senders. [Microsoft Office 365](https://support.office.com/article/Anti-spam-and-anti-malware-protection-in-Office-365-5ce5cf47-2120-4e51-a403-426a13358b7e) has built-in antimalware, link protection, and spam filtering.
+* Use an email service that provides protection against malicious attachments, links, and abusive senders. [Microsoft Office 365](https://support.office.com/article/Anti-spam-and-anti-malware-protection-in-Office-365-5ce5cf47-2120-4e51-a403-426a13358b7e) has built-in antimalware, link protection, and spam filtering.
-
+
-For more information, see [Phishing](phishing.md).
+For more information, see [Phishing](phishing.md).
-
+
-## Watch out for malicious or compromised websites
+## Watch out for malicious or compromised websites
-
+
-By visiting malicious or compromised sites, your device can get infected with malware automatically or you can get tricked into downloading and installing malware.  See [exploits and exploit kits](exploits-malware.md) as an example of how some of these sites can automatically install malware to visiting computers.
+By visiting malicious or compromised sites, your device can get infected with malware automatically or you can get tricked into downloading and installing malware.  See [exploits and exploit kits](exploits-malware.md) as an example of how some of these sites can automatically install malware to visiting computers.
-
+
-To identify potentially harmful websites, keep the following in mind:
+To identify potentially harmful websites, keep the following in mind:
-
+
-* The initial part (domain) of a website address should represent the company that owns the site you are visiting. Check the domain for misspellings. For example, malicious sites commonly use domain names that swap the letter O with a zero (0) or the letters L and I with a one (1). If example<span></span>.com is spelled examp1e<span></span>.com, the site you are visiting is suspect.
+* The initial part (domain) of a website address should represent the company that owns the site you are visiting. Check the domain for misspellings. For example, malicious sites commonly use domain names that swap the letter O with a zero (0) or the letters L and I with a one (1). If example<span></span>.com is spelled examp1e<span></span>.com, the site you are visiting is suspect.
-
+
-* Sites that aggressively open popups and display misleading buttons often trick users into accepting content through constant popups or mislabeled buttons.
+* Sites that aggressively open popups and display misleading buttons often trick users into accepting content through constant popups or mislabeled buttons.
-
+
-To block malicious websites, use a modern web browser like [Microsoft Edge](http://www.microsoft.com/windows/microsoft-edge?ocid=cx-wdsi-articles) which identifies phishing and malware websites and checks downloads for malware.
+To block malicious websites, use a modern web browser like [Microsoft Edge](http://www.microsoft.com/windows/microsoft-edge?ocid=cx-wdsi-articles) which identifies phishing and malware websites and checks downloads for malware.
-
+
-If you encounter an unsafe site, click **More […] > Send feedback** on Microsoft Edge. You can also [report unsafe sites directly to Microsoft](https://www.microsoft.com/wdsi/support/report-unsafe-site).
+If you encounter an unsafe site, click **More […] > Send feedback** on Microsoft Edge. You can also [report unsafe sites directly to Microsoft](https://www.microsoft.com/wdsi/support/report-unsafe-site).
-
+
-### Pirated material on compromised websites
+### Pirated material on compromised websites
-
+
-Using pirated content is not only illegal, it can also expose your device to malware. Sites that offer pirated software and media are also often used to distribute malware when the site is visited. Sometimes pirated software is bundled with malware and other unwanted software when downloaded, including intrusive browser plugins and adware.
+Using pirated content is not only illegal, it can also expose your device to malware. Sites that offer pirated software and media are also often used to distribute malware when the site is visited. Sometimes pirated software is bundled with malware and other unwanted software when downloaded, including intrusive browser plugins and adware.
-
+
-Users do not openly discuss visits to these sites, so any untoward experience are more likely to stay unreported.
+Users do not openly discuss visits to these sites, so any untoward experience are more likely to stay unreported.
-
+
-To stay safe, download movies, music, and apps from official publisher websites or stores. Consider running a streamlined OS such as [Windows 10 Pro SKU S Mode](https://www.microsoft.com/windows/windows-10-s?ocid=cx-wdsi-articles), which ensures that only vetted apps from the Windows Store are installed.
+To stay safe, download movies, music, and apps from official publisher websites or stores. Consider running a streamlined OS such as [Windows 10 Pro SKU S Mode](https://www.microsoft.com/windows/windows-10-s?ocid=cx-wdsi-articles), which ensures that only vetted apps from the Windows Store are installed.
-
+
-## Don't attach unfamiliar removable drives
+## Don't attach unfamiliar removable drives
-
+
-Some types of malware can spread by copying themselves to USB flash drives or other removable drives. There are malicious individuals that intentionally prepare and distribute infected drives—leaving these drives in public places to victimize unsuspecting individuals.
+Some types of malware can spread by copying themselves to USB flash drives or other removable drives. There are malicious individuals that intentionally prepare and distribute infected drives—leaving these drives in public places to victimize unsuspecting individuals.
-
+
-Only use removable drives that you are familiar with or that come from a trusted source. If a drive has been used in publicly accessible devices, like computers in a café or a library, make sure you have antimalware running on your computer before you use the drive. Avoid opening unfamiliar files you find on suspect drives, including Office and PDF documents and executable files.
+Only use removable drives that you are familiar with or that come from a trusted source. If a drive has been used in publicly accessible devices, like computers in a café or a library, make sure you have antimalware running on your computer before you use the drive. Avoid opening unfamiliar files you find on suspect drives, including Office and PDF documents and executable files.
-
+
-## Use a non-administrator account
+## Use a non-administrator account
-
+
-At the time they are launched, whether inadvertently by a user or automatically, most malware run under the same privileges as the active user. This means that by limiting account privileges, you can prevent malware from making consequential changes any devices.
+At the time they are launched, whether inadvertently by a user or automatically, most malware run under the same privileges as the active user. This means that by limiting account privileges, you can prevent malware from making consequential changes any devices.
-
+
-By default, Windows uses [User Account Control (UAC)](https://docs.microsoft.com/windows/access-protection/user-account-control/user-account-control-overview) to provide automatic, granular control of privileges—it temporarily restricts privileges and prompts the active user every time an application attempts to make potentially consequential changes to the system. Although UAC helps limit the privileges of admin users, users can simply override this restriction when prompted. As a result, it is quite easy for an admin user to inadvertently allow malware to run.
+By default, Windows uses [User Account Control (UAC)](https://docs.microsoft.com/windows/access-protection/user-account-control/user-account-control-overview) to provide automatic, granular control of privileges—it temporarily restricts privileges and prompts the active user every time an application attempts to make potentially consequential changes to the system. Although UAC helps limit the privileges of admin users, users can simply override this restriction when prompted. As a result, it is quite easy for an admin user to inadvertently allow malware to run.
-
+
-To help ensure that everyday activities do not result in malware infection and other potentially catastrophic changes, it is recommended that you use a non-administrator account for regular use. By using a non-administrator account, you can prevent installation of unauthorized apps and prevent inadvertent changes to system settings. Avoid browsing the web or checking email using an account with administrator privileges.
+To help ensure that everyday activities do not result in malware infection and other potentially catastrophic changes, it is recommended that you use a non-administrator account for regular use. By using a non-administrator account, you can prevent installation of unauthorized apps and prevent inadvertent changes to system settings. Avoid browsing the web or checking email using an account with administrator privileges.
-
+
-Whenever necessary, log in as an administrator to install apps or make configuration changes that require admin privileges.
+Whenever necessary, log in as an administrator to install apps or make configuration changes that require admin privileges.
-
+
-[Read about creating user accounts and giving administrator privileges](https://support.microsoft.com/help/4026923/windows-create-a-local-user-or-administrator-account-in-windows-10)
+[Read about creating user accounts and giving administrator privileges](https://support.microsoft.com/help/4026923/windows-create-a-local-user-or-administrator-account-in-windows-10)
-
+
-## Other safety tips
+## Other safety tips
-
+
-To further ensure that data is protected from malware as well as other threats:
+To further ensure that data is protected from malware as well as other threats:
-
+
-* Backup files. Follow the 3-2-1 rule: make **3 copies**, store in at least **2 locations**, with at least **1 offline copy**. Use [OneDrive](https://onedrive.live.com/about/?ocid=cx-wdsi-articles) for reliable cloud-based copies that allows access to files from multiple devices and helps recover damaged or lost files, including files locked by ransomware.
+* Backup files. Follow the 3-2-1 rule: make **3 copies**, store in at least **2 locations**, with at least **1 offline copy**. Use [OneDrive](https://onedrive.live.com/about/?ocid=cx-wdsi-articles) for reliable cloud-based copies that allows access to files from multiple devices and helps recover damaged or lost files, including files locked by ransomware.
-
+
-* Be wary when connecting to public hotspots, particularly those that do not require authentication.
+* Be wary when connecting to public hotspots, particularly those that do not require authentication.
-
+
-* Use [strong passwords](https://support.microsoft.com/help/12410/microsoft-account-help-protect-account) and enable multi-factor authentication.
+* Use [strong passwords](https://support.microsoft.com/help/12410/microsoft-account-help-protect-account) and enable multi-factor authentication.
-
+
-* Do not use untrusted devices to log on to email, social media, and corporate accounts.
+* Do not use untrusted devices to log on to email, social media, and corporate accounts.
-
+
-## Software solutions
+## Software solutions
-
+
-Microsoft provides comprehensive security capabilities that help protect against threats. We recommend:
+Microsoft provides comprehensive security capabilities that help protect against threats. We recommend:
-
+
-* [Automatic Microsoft updates](https://support.microsoft.com/help/12373/windows-update-faq) keeps software up-to-date to get the latest protections.
+* [Automatic Microsoft updates](https://support.microsoft.com/help/12373/windows-update-faq) keeps software up-to-date to get the latest protections.
-
+
-* [Controlled folder access](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard) stops ransomware in its tracks by preventing unauthorized access to your important files. Controlled folder access locks down folders, allowing only authorized apps to access files. Unauthorized apps, including ransomware and other malicious executable files, DLLs, and scripts are denied access.
+* [Controlled folder access](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard) stops ransomware in its tracks by preventing unauthorized access to your important files. Controlled folder access locks down folders, allowing only authorized apps to access files. Unauthorized apps, including ransomware and other malicious executable files, DLLs, and scripts are denied access.
-
+
-* [Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/index) browser protects against threats such as ransomware by preventing exploit kits from running. By using Microsoft [SmartScreen](https://docs.microsoft.com/en-us/microsoft-edge/deploy/index), Microsoft Edge blocks access to malicious websites.
+* [Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/index) browser protects against threats such as ransomware by preventing exploit kits from running. By using Microsoft [SmartScreen](https://docs.microsoft.com/en-us/microsoft-edge/deploy/index), Microsoft Edge blocks access to malicious websites.
-
+
-* [Microsoft Exchange Online Protection (EOP)](https://products.office.com/exchange/exchange-email-security-spam-protection) offers enterprise-class reliability and protection against spam and malware, while maintaining access to email during and after emergencies.
+* [Microsoft Exchange Online Protection (EOP)](https://products.office.com/exchange/exchange-email-security-spam-protection) offers enterprise-class reliability and protection against spam and malware, while maintaining access to email during and after emergencies.
-
+
-* [Microsoft Safety Scanner](https://www.microsoft.com/wdsi/products/scanner) helps remove malicious software from computers. NOTE: This tool does not replace your antimalware product.
+* [Microsoft Safety Scanner](https://www.microsoft.com/wdsi/products/scanner) helps remove malicious software from computers. NOTE: This tool does not replace your antimalware product.
-
+
-* [Microsoft 365](https://docs.microsoft.com/microsoft-365/enterprise/#pivot=itadmin&panel=it-security) includes Office 365, Windows 10, and Enterprise Mobility + Security. These resources power productivity while providing intelligent security across users, devices, and data.
+* [Microsoft 365](https://docs.microsoft.com/microsoft-365/enterprise/#pivot=itadmin&panel=it-security) includes Office 365, Windows 10, and Enterprise Mobility + Security. These resources power productivity while providing intelligent security across users, devices, and data.
-
+
-* [Office 365 Advanced Threat Protection](https://technet.microsoft.com/library/exchange-online-advanced-threat-protection-service-description.aspx) includes machine learning capabilities that block dangerous emails, including millions of emails carrying ransomware downloaders.
+* [Office 365 Advanced Threat Protection](https://technet.microsoft.com/library/exchange-online-advanced-threat-protection-service-description.aspx) includes machine learning capabilities that block dangerous emails, including millions of emails carrying ransomware downloaders.
-
+
-* [OneDrive for Business](https://support.office.com/article/restore-a-previous-version-of-a-file-in-onedrive-159cad6d-d76e-4981-88ef-de6e96c93893?ui=en-US&rs=en-US&ad=US) can back up files, which you would then use to restore files in the event of an infection.
+* [OneDrive for Business](https://support.office.com/article/restore-a-previous-version-of-a-file-in-onedrive-159cad6d-d76e-4981-88ef-de6e96c93893?ui=en-US&rs=en-US&ad=US) can back up files, which you would then use to restore files in the event of an infection.
-
+
-* [Windows Defender Advanced Threat Protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection) provides comprehensive endpoint protection, detection, and response capabilities to help prevent ransomware. In the event of a breach, Windows Defender ATP alerts security operations teams about suspicious activities and automatically attempts to resolve the problem. This includes alerts for suspicious PowerShell commands, connecting to a TOR website, launching self-replicated copies, and deletion of volume shadow copies. Try Windows Defender ATP free of charge.
+* [Windows Defender Advanced Threat Protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection) provides comprehensive endpoint protection, detection, and response capabilities to help prevent ransomware. In the event of a breach, Windows Defender ATP alerts security operations teams about suspicious activities and automatically attempts to resolve the problem. This includes alerts for suspicious PowerShell commands, connecting to a TOR website, launching self-replicated copies, and deletion of volume shadow copies. Try Windows Defender ATP free of charge.
-
+
-* [Windows Hello for Business](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-identity-verification) replaces passwords with strong two-factor authentication on your devices. This authentication consists of a new type of user credential that is tied to a device and uses a biometric or PIN. It lets user authenticate to an Active Directory or Azure Active Directory account.
+* [Windows Hello for Business](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-identity-verification) replaces passwords with strong two-factor authentication on your devices. This authentication consists of a new type of user credential that is tied to a device and uses a biometric or PIN. It lets user authenticate to an Active Directory or Azure Active Directory account.
-
+
-### Earlier than Windows 10 (not recommended)
+### Earlier than Windows 10 (not recommended)
-
+
-* [Microsoft Security Essentials](https://www.microsoft.com/download/details.aspx?id=5201) provides real-time protection for your home or small business device that guards against viruses, spyware, and other malicious software.
+* [Microsoft Security Essentials](https://www.microsoft.com/download/details.aspx?id=5201) provides real-time protection for your home or small business device that guards against viruses, spyware, and other malicious software.
-
+
-## What to do with a malware infection
+## What to do with a malware infection
-
+
-Windows Defender ATP antivirus capabilities helps reduce the chances of infection and will automatically remove threats that it detects.
+Windows Defender ATP antivirus capabilities helps reduce the chances of infection and will automatically remove threats that it detects.
-
+
 In case threat removal is unsuccessful, read about [troubleshooting malware detection and removal problems](https://www.microsoft.com/wdsi/help/troubleshooting-infection).

windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md

@@ -1,51 +1,51 @@
----
+---
-title: Virus Information Alliance
+title: Virus Information Alliance
-description: Information and criteria regarding VIA
+description: Information and criteria regarding VIA
-keywords: security, malware
+keywords: security, malware
-ms.prod: w10
+ms.prod: w10
-ms.mktglfcycl: secure
+ms.mktglfcycl: secure
-ms.sitesec: library
+ms.sitesec: library
-ms.localizationpriority: medium
+ms.localizationpriority: medium
-ms.author: ellevin
+ms.author: ellevin
-author: levinec
+author: levinec
-ms.date: 07/12/2018
+ms.date: 07/12/2018
----
+---
-# Virus Information Alliance
+# Virus Information Alliance
-
+
-The Virus Information Alliance (VIA) is a public antimalware collaboration program for security software providers, security service providers, antimalware testing organizations, and other organizations involved in fighting cybercrime.
+The Virus Information Alliance (VIA) is a public antimalware collaboration program for security software providers, security service providers, antimalware testing organizations, and other organizations involved in fighting cybercrime.
-
+
-Members of the VIA program collaborate by exchanging technical information on malicious software with Microsoft, with the goal of improving protection for Microsoft customers.
+Members of the VIA program collaborate by exchanging technical information on malicious software with Microsoft, with the goal of improving protection for Microsoft customers.
-
+
-## Better protection for customers against malware
+## Better protection for customers against malware
-
+
-The VIA program gives members access to information that will help improve protection for Microsoft customers. For example, the program provides malware telemetry and samples to security product teams to identify gaps in their protection and prioritize new threat coverage.
+The VIA program gives members access to information that will help improve protection for Microsoft customers. For example, the program provides malware telemetry and samples to security product teams to identify gaps in their protection and prioritize new threat coverage.
-
+
-Malware prevalence data is provided to antimalware testers to assist them in selecting sample sets and setting scoring criteria that represent the real-world threat landscape. Service organizations, such as a CERT, can leverage our data to help assess the impact of policy changes or to help shut down malicious activity.
+Malware prevalence data is provided to antimalware testers to assist them in selecting sample sets and setting scoring criteria that represent the real-world threat landscape. Service organizations, such as a CERT, can leverage our data to help assess the impact of policy changes or to help shut down malicious activity.
-
+
-Microsoft is committed to continuous improvement to help reduce the impact of malware on customers. By sharing malware-related information, Microsoft enables members of this community to work towards better protection for customers.
+Microsoft is committed to continuous improvement to help reduce the impact of malware on customers. By sharing malware-related information, Microsoft enables members of this community to work towards better protection for customers.
-
+
-## Becoming a member of VIA
+## Becoming a member of VIA
-
+
-Microsoft has well-defined, objective, measurable, and tailored membership criteria for prospective members of the Virus Information Alliance (VIA). The criteria is designed to ensure that Microsoft is able to work with security software providers, security service providers, antimalware testing organizations, and other organizations involved in the fight against cybercrime to protect a broad range of customers.
+Microsoft has well-defined, objective, measurable, and tailored membership criteria for prospective members of the Virus Information Alliance (VIA). The criteria is designed to ensure that Microsoft is able to work with security software providers, security service providers, antimalware testing organizations, and other organizations involved in the fight against cybercrime to protect a broad range of customers.
-
+
-Members will receive information to facilitate effective malware detection, deterrence, and eradication. This includes technical information on malware as well as metadata on malicious activity. Information shared through VIA is governed by the VIA membership agreement and a Microsoft non-disclosure agreement, where applicable.
+Members will receive information to facilitate effective malware detection, deterrence, and eradication. This includes technical information on malware as well as metadata on malicious activity. Information shared through VIA is governed by the VIA membership agreement and a Microsoft non-disclosure agreement, where applicable.
-
+
-VIA has an open enrollment for potential members.
+VIA has an open enrollment for potential members.
-
+
-### Initial selection criteria
+### Initial selection criteria
-
+
-To be eligible for VIA your organization must:
+To be eligible for VIA your organization must:
-
+
-1. Be willing to sign a non-disclosure agreement with Microsoft.
+1. Be willing to sign a non-disclosure agreement with Microsoft.
-
+
-2. Fit into one of the following categories:
+2. Fit into one of the following categories:
-   * Your organization develops antimalware technology that can run on Windows and your organization’s product is commercially available.
+   * Your organization develops antimalware technology that can run on Windows and your organization’s product is commercially available.
-   * Your organization provides security services to Microsoft customers or for Microsoft products.
+   * Your organization provides security services to Microsoft customers or for Microsoft products.
-   * Your organization publishes antimalware testing reports on a regular basis.
+   * Your organization publishes antimalware testing reports on a regular basis.
-   * Your organization has a research or response team dedicated to fighting malware to protect your organization, your customers, or the general public.
+   * Your organization has a research or response team dedicated to fighting malware to protect your organization, your customers, or the general public.
-
+
-3. Be willing to sign and adhere to the VIA membership agreement.
+3. Be willing to sign and adhere to the VIA membership agreement.
-
+
-If your organization wants to apply and meets this criteria, you can apply using our [membership application form](http://www.microsoft.com/security/portal/partnerships/apply.aspx).
+If your organization wants to apply and meets this criteria, you can apply using our [membership application form](http://www.microsoft.com/security/portal/partnerships/apply.aspx).
-
+
 If you have any questions, you can also contact us using our [partnerships contact form](http://www.microsoft.com/security/portal/partnerships/contactus.aspx).