ESET®, a global pioneer in proactive protection for more than two decades, today publishes its annual report Windows Exploitation in 2015. In this report ESET analyzes the major vulnerabilities of Microsoft Windows that have occurred in the past 12 months, highlighting new security features introduced in Windows, web browsers and Microsoft’s Enhanced Mitigation Experience Toolkit.
“The main goal in writing this report on Windows exploitations is to notify ESET’s customers and users worldwide about the importance of installing updates to fix various unpatched vulnerabilities,” said Artem Baranov, Malware Researcher at ESET Russia.
Compared to the results from 2014, the number of patched vulnerabilities in Microsoft Windows components quadrupled in 2015. The most patched item remained Internet Explorer, followed by Windows’ User Mode Components (UMC).
The report provides readers with statistics about the most significant vulnerabilities, including Hacking Team. It also describes the most common approaches used by exploitations, such as drive-by downloads, Local Privilege Escalation (LPE) or use-after-free (UAF) attacks. The report offers useful insights into the latest mitigation techniques that Microsoft has introduced to Google Chrome and Edge.
More detailed information is available on WeLiveSecurity.com. The full Windows Exploitation in 2015 report is available for download from the White Paper section on WeLiveSecurity.com.
About ESET
Since 1987, ESET® has been developing award-winning security software that now helps over 100 million users to Enjoy Safer Technology. Its broad security product portfolio covers all popular platforms and provides businesses and consumers around the world with the perfect balance of performance and proactive protection. The company has a global sales network covering 180 countries, and regional offices in Bratislava, San Diego, Singapore and Buenos Aires. For more information visit www.eset.com or follow us on LinkedIn, Facebook and Twitter.