Sorry, Linux. We know you want to be popular, but cyber-crooks are all about Microsoft for now
Oh, and Flash! Arrrrrggghhh
Eight out of the ten most exploited vulnerabilities tracked by threat intelligence biz Recorded Future in 2018 targeted Microsoft products – though number two on its list was, surprise surprise, a Flash flaw.
The most exploited vuln in the firm's hall of shame was a remote code execution flaw in Windows' VBScript engine that could pwn users who opened a booby-trapped web page with Internet Explorer.
"Exploit kits associated with this vulnerability were noted to spread the malware Trickbot through phishing attacks," said Recorded Future in a report published today.
The Flash vuln was none other than one exploited by North Korean state-backed hackers – first detected by South Korea's CERT, which discovered a flood of booby-trapped MS Office documents, web pages, spam messages and more.
Meanwhile, a near three-year-old vuln continues to be one of the most exploited flaws tracked by Recorded Future. Unveiled in July 2016, the Neutrino exploit kit was built out of code first published by white hats trying to provoke Microsoft into cleaning up an Internet Explorer zero-day vuln.
Recorded Future said it had seen five new exploit kits using the underlying code to target hapless IE users, warning that "the only workarounds are restricting access to two common dynamic-linked library files: VBScript.dll and JScript.dll".
The threat intelligence biz used a list of 167 exploit kits to define its master list of commonly abused vulns, as well as 492 remote-access Trojans. Its report specifically excluded Spectre, Meltdown and Eternalblue, on the grounds that the latter was "not used by the criminal underground", while the former pair were also not "heavily utilized" by miscreants. ®