IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Microsoft products targeted by most widely-used exploits in 2019

Eight of the top ten exploitable flaws targeted Microsoft software, in addition to two Adobe Flash Player vulnerabilities

Large Microsoft sign on a show floor at Ignite 2019

Eight of the top ten most commonly exploited vulnerabilities used by cyber criminals last year comprised software developed by Microsoft, namely the Microsoft Office suite, WinRAR and Internet Explorer. 

Microsoft products were the most-targeted exploits by the criminal underworld in 2019 through phishing, exploit kits or remote access trojans (RATs), with two flaws in Adobe’s Flash Player making up the full complement. 

Staggeringly, six of the vulnerabilities, all impacting Microsoft, were repeats from 2018’s list of most-exploited flaws, according to a report by Recorded Future.

Four of the ten flaws alone affected Internet Explorer, suggesting that the legacy internet browser is still widely-deployed among organisations, with the remaining vulnerabilities comprising three for Office and one for WinRAR.

“Despite experiencing a drop in browser usage, Internet Explorer is still running in many enterprise environments, making it a top target for threat actors,” the report said. “Only two Adobe Flash vulnerabilities made the top 10, likely due to a combination of better patching and Flash Player’s impending demise in 2020.”

“Many vulnerability and patch management teams face the challenge of keeping up with countless product patch updates without having visibility into which vulnerabilities are actively exploited by cybercriminals.”

Despite there being more than 12,000 vulnerabilities with a CVE rating in 2019, this is fewer than in the 2018 calendar year, when there were 16,000 reported vulnerabilities. More than 1,000 of the 12,000 vulnerabilities recorded last year were prescribed a CVSS score of nine or higher, deeming them ‘critical’.

Moreover, the number of new exploit kits continued to decrease in 2019 versus the previous year, dropping from five to four. This trend was also true for RATs, with 23 new Trojans developed last year versus 37 in 2018.

Many of the top-ten exploited vulnerabilities for 2019 were flaws that were identified a number of years ago, including 9.3 CVSS-rated Office flaw CVE-2017-11882, and the 9.3 CVSS-rated Office flaw CVE-2012-0158.

Notably, the flaw CVE-2017-0199, which was also an Office flaw rated 9.3 in severity, was highlighted as one of the most exploited vulnerabilities for the past three consecutive years. This was targeted by several strains malware ranging from njRAT, to Pony, to QuasarRAT.

Two prominent vulnerabilities from 2019, namely EternalBlue and EternalRomance, were not included in the top ten due to adoption by nation-state hackers as opposed to run-of-the-mill cyber criminals.

Related Resource

Report: The State of Software Security

This annual report explores important trends in software security

Download now

Despite the prominence of Microsoft software targeted last year, the most widely-exploited was an Adobe Flash bug, dubbed CVE-2018-15982, which is a use-after-free vulnerability, meaning that memory can be accessed after it has been freed.

The researchers behind the report have taken this opportunity to urge organisations to prioritise patching Microsoft products in their respective technology stacks, over unpatched systems by other vendors.

Flash Player, meanwhile, should be automatically disabled on employees’ browser settings, with sites increasingly removing this technology ahead of Adobe dropping support for the video player on 31 December 2020.

With the average vulnerability staying alive for seven years, the researchers added, it’s important that organisations patch older vulnerabilities with just as much urgency as freshly exploited flaws.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Most Popular

Why convenience is the biggest threat to your security

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Microsoft successfully tests emission-free hydrogen fuel cell system for data centres
data centres

Microsoft successfully tests emission-free hydrogen fuel cell system for data centres

29 Jul 2022