BeyondTrust Research Discovers that 81 Percent of Critical Microsoft Vulnerabilities Mitigated by Removing Admin Rights

This year’s report identified the following highlights:

• 700 Microsoft vulnerabilities were reported in 2018, representing a 110 percent increase in the overall number of reported vulnerabilities over 6 years (2013-2018).
• The number of vulnerabilities ranked as “Critical” by Microsoft are up 29 percent over 6 years (2013-2018).
• Remote Code Execution (RCE) vulnerabilities account for the largest proportion of total Microsoft vulnerabilities through 2018, with 292 RCE vulnerabilities reported, and 178 considered Critical (61 percent).
• In 2018, 499 vulnerabilities were reported across Windows Vista, Windows 7, Windows RT, Windows 8/8.1, and Windows 10 operating systems, 169 considered Critical (34 percent).
• Despite being the newest browser, Microsoft’s Edge browser has nearly triple the number of Critical vulnerabilities reported (112), compared to Internet Explorer (39). Critical vulnerabilities in Microsoft Edge have increased six-fold since its inception two years ago.
• Vulnerabilities in Microsoft Office continue to rise year-over-year, with a 121 percent increase over 6 years (2013-2018).
• Windows Server Vulnerabilities represent a significant percentage of the total number of vulnerabilities reported, reporting 449 in 2018, 136 of those Critical (30 percent).

Read more.