Microsoft’s product vulnerabilities are hackers’ favorite targets

Costea Lestoc By: Costea Lestoc
3 minute read
microsoft software vulnerability

Recorded Future’s latest cyber attacks and exploit-related reports show interesting facts. The company aims to organize and analyze known and unknown threat data in advanced ways for faster and enhanced security.

According to the company, most flaws that cybercriminals have been using during the course of 2017 in their exploit kits and phishing attacks were found in products made by Microsoft. Recorded Future also reported that some of these vulnerabilities were a few years old.

What’s new in the 2017 reports

The security vendor analyzed thousands of deep forum postings, code repositories, and dark web onion sites back in 2016 and with their latest 2017 report, they continued the work in order to find more known software vulnerabilities.

In the 2015 and 2016 reports, the company found that Adobe Flash had the highest rankings, and now Microsoft seems to be the leader with 7 out of ten top flaws.

Recorded Future explains that:

[…] analysis identified a shift in preference from Adobe to Microsoft consumer product exploits. This is in stark contrast to our previous rankings. Analysis of these sources from January 1, 2017, to December 31, 2017, shows that Adobe is still somewhat popular among cybercriminals but quickly declining.
Some of this change is due to evolving criminal use of exploited vulnerabilities. Overall, exploit kits are declining as criminal efforts have adapted — cryptocurrency mining malware popularity has risen in the past year, for example.

Most common flaws found in Microsoft’s products

windows 10 security

One of the vulnerabilities that were mostly observed in 2017 was CVE-2017-0199, and it was lurking in a few Microsoft Office products.

This allowed hackers to download then execute a Visual Basic script that included Powershell commands from malicious files. This flaw was found in various phishing attacks and exploit builders for this vulnerability were spotted on the dark web being sold for about $400 to $800.

Another significant and frequent vulnerability was CVE-2016-0189 which was listed in the ranking from 2016. The flaw was related to Internet Explorer and offers an easy way for exploit kits used in 2017.

There’s a stringent need to patch all known vulnerabilities

The data released in Recorded Future’s reports should remind everyone the strong need to patch all known issues and flaws. Their reports have also shown a drop in exploit kit activity which stemmed from the decline in Flash Player usage. Users have shifted to more secure browsers, but cybercriminals, as well.

Advice for increased security

Recorded Future advises users to follow a few essential steps in order to enhance security:

  • Choose Google Chrome as the primary browser
  • Enhance user training
  • Backup your system as frequently as possible
  • Use ad blockers
  • Remove affected software
  • Be aware of social media that uses Flash and exposes users to cyber risks.

We highly recommend CyberGhost, a leading VPN provider. It protects your PC from attacks while browsing, masks your IP address and blocks all unwanted access to your computer.


You can learn more about the complete set of known flaws on Recorded Future’s 2017 Vulnerability Report.

RELATED STORIES TO CHECK OUT:

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patented Technologies (requires upgrade).

Discussions

Next up

Surface Pro 3 gets new security updates, install goes smoothly

Giles Ensor avatar. By: Giles Ensor
2 minute read

After recent bad news stories about updates released by Microsoft for Windows 10, that you can read here and here, it is refreshing to read (or […]

Continue Reading

Best Windows 10 antivirus software to use in 2018

Radu Tyrsina By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809

Sovan Mandal avatar. By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading