Recent News - ESET Releases Annual Report of the Most Vulnerable Microsoft Windows Components


2017-01-05

Today, ESET published Windows Exploitation in 2016, an annual report that summarizes the highs and lows of the most widely used operating system, Microsoft Windows®. Across the report’s 25 pages, ESET gives an overview of the vulnerabilities that have occurred over the past 12 months, providing details on infamously vulnerable components such as Internet Explorer and Windows User-Mode Components.

Compared to last year’s report, Windows Exploitation in 2016 discloses that the number of fixed vulnerabilities in Windows increased in all segments except one, Internet Explorer (IE). It saw a steep drop in the number of vulnerabilites falling from 242 to 109 over the past twelve months.

On the other hand, Windows User-Mode Components, a processor mode where a majority of applications and some drivers for Windows OS run, lost nothing to its popularity among cybercriminals. In the report, ESET identifies Windows User-Mode Components with 116 fixed vulnerabilities as the leader in 2016’s chart. Among the most prevalent ways cybercriminals misuse 0-days in User-mode is remote code execution and elevation of the privileges of malicious components.

Despite being the newcomer in the report, Microsoft Edge, has been resistant to exploitation, and as a close second it has been attributed with its first 111 vulnerabilities patched. Unlike IE, Edge keeps modern security features such as AppContainer or 64-bit processes for tabs turned on by default, which makes it less vulnerable.

The Windows Exploitation Report 2016 contains detailed statistics about vulnerabilities fixed in Microsoft-supported versions of Windows, its components, web browsers, as well as the Office suite, and also provides information about issued updates. The report’s author also took a detailed look at exploit mitigations in recent Windows versions and the security effectiveness of major web browsers, as they represent very attractive targets for attackers.

To download the complete Windows Exploitation in 2016 report, click here. To read more about information security on ESET’s official blog, WeLiveSecurity.com, or learn about ESET’s advanced security technologies.


 

About ESET
ESET®, the pioneer of proactive protection and the maker of the award-winning ESET NOD32® technology, is a global provider of security solutions for businesses and consumers. For over 26 years, the Company continues to lead the industry in proactive threat detection. By obtaining the 80th VB100 award in June 2013, ESET NOD32 technology holds the record number of Virus Bulletin "VB100” Awards, and has never missed a single “In-the-Wild” worm or virus since the inception of testing in 1998. In addition, ESET NOD32 technology holds the longest consecutive string of the VB100 awards of any AV vendor. ESET has also received a number of accolades from AV-Comparatives, AV-TEST and other testing organisations and reviews. ESET NOD32® Antivirus, ESET Smart Security®, ESET Cyber Security® (solution for Mac), ESET® Mobile Security and IT Security for Business are trusted by millions of global users and are among the most recommended security solutions in the world.

ESET recently updated its two-factor authentication (2FA) application, adding a secure validation to weak and static user passwords. This updated version of ESET’s 2FA application provides flexibility and deeper integration of 2FA into bespoke applications, making it the best cost-effective solutions for SMBs everywhere.

The Company has global headquarters in Bratislava (Slovakia), with regional distribution centers in San Diego (U.S.), Buenos Aires (Argentina), and Singapore; with offices in Jena (Germany), Prague (Czech Republic) and Sao Paulo (Brazil). ESET has malware research centers in Bratislava, San Diego, Buenos Aires, Singapore, Prague, Košice (Slovakia), Krakow (Poland), Montreal (Canada), Moscow (Russia) and an extensive partner network for more than 180 countries. For more information visit http://eset.version-2.sg/ or follow us on Facebook.

 

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. Headquartered in Hong Kong, the Company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which includes Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

For more information, please visit www.version-2.com.sg or call (65) 6296-4268.

Previous News Next News

Return to the previous page