Windows systems are often not patched regularly, so avoidable security incidents keep occurring. Attackers often prefer to exploit old, unpatched vulnerabilities, because doing so often requires fewer resources than developing exploits for brand-new security vulnerabilities.
The US Government and FBI strongly advise admins to install security updates regularly. You should also check your systems for older gaps for which patches already exist. In addition, the experts discuss the most exploited security gaps of recent years. The report provides admins with more in-depth information about the gaps and the associated CVE numbers. This information should make it easier to find and close vulnerabilities in your own systems.
The list is intended for those responsible for IT security so that they can secure their companies. It not only provides information about the weaknesses, but also about possible signs of compromise and instructions on how to remedy the weaknesses.
The List Of Most Exploited Vulnerabilities
- A Windows remote code execution vulnerability that lets attackers execute arbitrary code remotely using manipulated packets.
- A Microsoft Office memory corruption vulnerability that lets attackers execute arbitrary code by means of a crafted file.
- A vulnerability in Drupal caused by an issue affecting multiple subsystems with standard or common module configurations. An attacker who exploits it could execute arbitrary code.
- A Microsoft Office remote code execution vulnerability that allows an attacker to execute arbitrary code via a prepared document.
The list also shows that companies often do not update their IT systems, or do so incorrectly. The vulnerabilities had already appeared on the US government's list of the most frequently exploited vulnerabilities.
The reason for the hesitant patching behavior is probably the inherent balancing act: for IT security managers, a patch is always a trade-off between the need to secure the systems and the need to keep them running. Remediation is particularly time-consuming when several security gaps have to be closed.