Microsoft products targeted by most widely-used exploits in 2019

Eight of the top ten exploitable flaws targeted Microsoft software, in addition to two Adobe Flash Player vulnerabilities

Eight of the top ten most commonly exploited vulnerabilities used by cyber criminals last year comprised software developed by Microsoft, namely the Microsoft Office suite, WinRAR and Internet Explorer. 

Microsoft products were the most-targeted exploits by the criminal underworld in 2019 through phishing, exploit kits or remote access trojans (RATs), with two flaws in Adobe’s Flash Player making up the full complement. 

Advertisement - Article continues below

Staggeringly, six of the vulnerabilities, all impacting Microsoft, were repeats from 2018’s list of most-exploited flaws, according to a report by Recorded Future.

Four of the ten flaws alone affected Internet Explorer, suggesting that the legacy internet browser is still widely-deployed among organisations, with the remaining vulnerabilities comprising three for Office and one for WinRAR.

“Despite experiencing a drop in browser usage, Internet Explorer is still running in many enterprise environments, making it a top target for threat actors,” the report said. “Only two Adobe Flash vulnerabilities made the top 10, likely due to a combination of better patching and Flash Player’s impending demise in 2020.”

“Many vulnerability and patch management teams face the challenge of keeping up with countless product patch updates without having visibility into which vulnerabilities are actively exploited by cybercriminals.”

Despite there being more than 12,000 vulnerabilities with a CVE rating in 2019, this is fewer than in the 2018 calendar year, when there were 16,000 reported vulnerabilities. More than 1,000 of the 12,000 vulnerabilities recorded last year were prescribed a CVSS score of nine or higher, deeming them ‘critical’.

Advertisement - Article continues below
Advertisement - Article continues below

Moreover, the number of new exploit kits continued to decrease in 2019 versus the previous year, dropping from five to four. This trend was also true for RATs, with 23 new Trojans developed last year versus 37 in 2018.

Many of the top-ten exploited vulnerabilities for 2019 were flaws that were identified a number of years ago, including 9.3 CVSS-rated Office flaw CVE-2017-11882, and the 9.3 CVSS-rated Office flaw CVE-2012-0158.

Notably, the flaw CVE-2017-0199, which was also an Office flaw rated 9.3 in severity, was highlighted as one of the most exploited vulnerabilities for the past three consecutive years. This was targeted by several strains malware ranging from njRAT, to Pony, to QuasarRAT.

Two prominent vulnerabilities from 2019, namely EternalBlue and EternalRomance, were not included in the top ten due to adoption by nation-state hackers as opposed to run-of-the-mill cyber criminals.

Related Resource

Report: The State of Software Security

This annual report explores important trends in software security

Download now

Despite the prominence of Microsoft software targeted last year, the most widely-exploited was an Adobe Flash bug, dubbed CVE-2018-15982, which is a use-after-free vulnerability, meaning that memory can be accessed after it has been freed.

Advertisement - Article continues below

The researchers behind the report have taken this opportunity to urge organisations to prioritise patching Microsoft products in their respective technology stacks, over unpatched systems by other vendors.

Flash Player, meanwhile, should be automatically disabled on employees’ browser settings, with sites increasingly removing this technology ahead of Adobe dropping support for the video player on 31 December 2020.

With the average vulnerability staying alive for seven years, the researchers added, it’s important that organisations patch older vulnerabilities with just as much urgency as freshly exploited flaws.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now

Most Popular

Microsoft Windows

Microsoft warns users not to install Windows 10's May update

28 May 2020
data breaches

EasyJet faces class-action lawsuit over data breach

26 May 2020
cyber security

Microsoft bans Trend Micro driver from Windows 10 for "cheating" hardware tests

27 May 2020