Microsoft security vulnerabilities drop after five-year rise
While elevation-of-privilege attacks remain a critical security concern when using Microsoft products, a new report says that the raw number of vulnerabilities is dropping.
The total number of Microsoft vulnerabilities reported in 2021 dropped by 5%, reversing a five-year trend that saw such vulnerabilities rising sharply, according to a new report from identity management and security vendor BeyondTrust.
A total of 1,212 new vulnerabilities were discovered in 2021, but their severity, as well as their location within the Microsoft family of software products, has changed significantly year over year. Vulnerabilities rated as "critical" on the CVSS standard dropped by 47% in the past year, reaching their lowest levels since BeyondTrust began issuing this report, nine years ago.
Vulnerabilities on Windows, Windows Server drop
Windows and Windows Server each saw sharp drops in total vulnerabilities detected, by 40% and 50%, respectively, while vulnerabilities affecting Microsoft's Edge and Internet Explorer browsers hit a record high.
Helping with the latest analysis is Microsoft's move to NIST's Common Vulnerability Scoring System (CVSS), which lets researchers cross-reference security flaws more directly with bugs in the external ecosystem.
The most common type of vulnerability seen in 2021 involved elevation of privilege, where an attacker gains admin rights to a system by illicit means. A total of 588 such vulnerabilities were discovered in 2021. BeyondTrust's researchers credit a more widespread adherence to good security practices for this rise: perversely, a general decrease in users holding unnecessary admin privileges helped focus bad actors' efforts on attempts to gain elevated privileges in various ways.
Attackers innovate to gain admin rights
"Without easy access to users with local admin rights, attackers have started to innovate to gain elevated privileges that can then be used to compromise systems, steal credentials, and move laterally," the report said.
The second-most common type of vulnerability centered on remote code execution, which is especially dangerous since attacks targeting such flaws can be carried out remotely, with little or no user interaction required. A total of 326 of these vulnerabilities were found in 2021, 35 of which rated a 9.0 or higher on the CVSS scale.
"With this type of risk, a workable exploit isn't a matter of 'does an exploit exist,' but rather 'when will it be publicly available,'" said the BeyondTrust report.
The report also broke out vulnerabilities in key Microsoft products, including Azure, Windows and Microsoft Office. The latter saw only one critical vulnerability, compared to a total of 66 found in 2021, while the same numbers for Azure and Dynamics 365 were seven and 44, respectively.
BeyondTrust's researchers praised Microsoft's consistent efforts to keep Azure secure, and lauded a "steady decline" in Office vulnerabilities. Similarly, the Windows operating system itself saw a 40% drop in total vulnerabilities in 2021 compared to the previous year, with a 50% drop in critical security flaws.