The number of vulnerabilities in Microsoft products has been growing steadily during the last five years, a new Microsoft Vulnerabilities Report by Avecto reveals. More specifically, in 2013, 325 vulnerabilities were discovered and reported, and currently their number is 685. This accounts to an 111 percent increase, and makes 2017 the year with the highest number of Microsoft flaws.
Windows 10 Critical Flaws Increase by 132 Percent
What is mostly alarming is that despite the fact that Windows 10 is considered the most secure Winsows OS to date, the number of critical flaws in it alone increased by 132 percent in 5 years. Researchers counted a total of 587 flaws discovered and reported in Windows Vista, Windows 7, Windows 8.1/RT. 8.1, and Windows 10 in 2017 alone. Vulnerabilities in Windows 10 increased with 64 percent in 2017 in comparison to 2016.
Researchers believe that if admin rights were removed, this could mitigate 80 percent of all critical flaws in 2017. In addition, 95 percent of critical flaws in the browsers of Microsoft could be mitigated if admin rights were to be removed.
As already mentioned, despite being advertised as the safest Windows to date, Windows 10 is experiencing a significant rise of serious vulnerabilities compared to last year.
According to Dr. Eric Cole, CEO of Secure Anchor Consulting, “no matter how many safeguards you put in place, there will always be some risk. Prevention techniques like application whitelisting, removing admin access and adopting the principles of least privilege go a long way toward protecting individual users’ machines and reducing inroads to the network while not severely restricting user functionality.”
Windows Vulnerabilities Through the Years
– The number of flaws has increased 111 percent since 2013, when Avecto conducted their first research dedicated to Microsoft bugs;
– The number of critical flaws has increased with 11 percent since 2013;
– An 89 percent increased has been registered in Microsoft Office vulnerabilities, and a 98 percent increase in Microsoft’s browser flaws;
– Since the release of Avecto’s first report in 2013, 2017 has seen the most significant growth in terms of reported flaws, with 451 security bugs reported in 2016 compared to 685 in 2017.
“Despite the continued rise in vulnerabilities impacting Microsoft software, there are actions that enterprises can take to ensure that they’re protected without sacrificing productivity. The challenges organizations face to improve security have not changed, yet many are still unaware that by simply removing admin rights, the risk of so many threats can be mitigated,” said Mark Austin, co-founder and CEO of Avecto.