Microsoft products were targeted the most by hackers last year

(Image credit: Shutterstock)

Cyber-criminals have been able to exploit more vulnerabilities in Microsoft products compared to other companies for the third straight year. 

According to a report by Recorded Future, of the ten most common software flaws detetcted during 2019, Microsoft products outweighed those from other vendors.

Four of the most popular exploits targeted Internet Explorer, while Adobe Flash, which is close to the end of its life cycle, was also heavily hit. Of the top ten issues, eight could be exploited using phishing attacks, exploit kits, or Remote Access Trojans (RAT).

Compromised

The report was formed by analysing approximately 12,000 vulnerabilities reported through the Common Vulnerabilities and Exposure (CVE) system last year.

Bugs like the use-after-free issue, remote code execution flaw in the Windows VBScripting engine, critical remote code execution flaw in Microsoft Office/Wordpad and Scripting Engine Memory Corruption Vulnerability, etc. featured among the most exploited vulnerabilities list in 2019 and earlier as well. These long-term vulnerabilities which are easy to exploit and impact a large scale of the user base, are often sold in the market of illegal software.

The CVE-2017-0199 vulnerability has been exploited the most since it impacts key products like Microsoft Office 2007-2016, Windows Server 2008, and Windows 7 and 8. One of the key reasons behind the delay in patching these bugs is the fear of downtime or operational disruptions. Companies at times even fear that these patches may break the already working product. 

The report also suggests that the availability of exploit kits has come down drastically over the last few years. It reports that in 2016 there were 62 new exploit kits available in the market while only four made their way to the market in 2019.

TOPICS
Jitendra Soni

Jitendra has been working in the Internet Industry for the last 7 years now and has written about a wide range of topics including gadgets, smartphones, reviews, games, software, apps, deep tech, AI, and consumer electronics.  

Latest in Security
Isometric demonstrating multi-factor authentication using a mobile device.
NCSC gets influencers to sing the praises of 2FA
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Dangerous new CoffeeLoader malware executes on your GPU to get past security tools
China
Notorious Chinese hackers FamousSparrow allegedly target US financial firms
A digital representation of a lock
NYU website defaced as hacker leaks info on a million students
NHS
NHS IT supplier hit with major fine following ransomware attack
Businessman holding a magnifier and searching for a hacker within a business team.
Cloud streaming hoster StreamElements confirms data breach following attack
Latest in News
cheap Nintendo Switch game deals sales
Nintendo didn't anticipate that Mario Kart 8 Deluxe was 'going to be the juggernaut' for the Nintendo Switch when it was ported to the console, according to former employees
Three angles of the Apple MacBook Air 15-inch M4 laptop above a desk
Apple MacBook Air 15-inch (M4) review roundup – should you buy Apple's new lightweight laptop?
Witchbrook
Witchbrook, the life-sim I've been waiting years for, finally has a release window and it's sooner than you think
Amazon Echo Smart Speaker
Amazon is experimenting with renaming Echo speakers to Alexa speakers, and it's about time
Shigeru Miyamoto presents Nintendo Today app
Nintendo Today smartphone app is out now on iOS and Android devices – and here's what it does
Nintendo Virtual Game Card
Nintendo reveals the new Virtual Game Card feature, an easier way to manage your digital Switch games