Six of them were the same as from the previous year, according to new Recorded Future analysis.
Microsoft Products- For the third year in a row, cybercriminals employed vulnerabilities in Microsoft products far more so than security flaws in any other technology, new data for 2019 shows.
Eight out of the 10 most exploited vulnerabilities in 2019 in fact impacted Microsoft products. The other two—including the most exploited flaw—involved Adobe Flash Player, the previous top attacker favorite, according to analysis by Recorded Future.
Like it has done for past several years, Recorded Future analyzed data gathered from vulnerability databases and other sources to try and identify the vulnerabilities that were most used in phishing attacks, exploit kits, and remote access Trojans.
The threat intelligence firm considered data on some 12,000 vulnerabilities that were reported and rated through the Common Vulnerabilities and Exposure (CVE) system last year. Vulnerabilities related to nation-state exploits were specifically excluded from the list because such flaws are not typically offered for sale or even mentioned much on underground forums, according to Recorded Future.
The 2019 analysis showed a continued—and unsurprising—preference among cybercriminals for flaws impacting Microsoft software.
The most exploited vulnerability in 2019 itself was CVE-2018-15982, a so-called use-after-free issue impacting Adobe Flash Player 188.8.131.52 and earlier, and 184.108.40.206 and earlier. Exploits for the remote code execution flaw was distributed widely through at least ten exploits kits including RIG, Grandsoft, UnderMiner, and two newcomers, Capesand and Spelevo. But this vulnerability, and another use-after-free issue impacting multiple Adobe Flash Player versions (CVE-2018-4878), were the only ones in Recorded Future’s top 10 list unrelated to Microsoft.
Four of the remaining eight vulnerabilities in Recorded Future’s top 10 most exploited list impacted Internet Explorer. One of them—CVE-2018-8174—a remote code execution flaw in the Windows VBScripting engine, was the second-most abused flaw this year—and the most exploited issue in 2018. Exploits for the flaw were distributed through multiple exploit kits including RIG, Fallout, Spelevo, and Capesand.