© 2016 Avecto Ltdavecto.com

2015 Microsoft Vulnerabilities Report: An overview

© 2016 Avecto Ltdavecto.com

We’ve analysed data from Microsoft’s Patch Tuesday Security Bulletins for the third year in a row to produce the 2015 Microsoft Vulnerabilities Report.

Patch Tuesday bulletins are typically released on the second Tuesday of the month and contain fixes for vulnerabilities affecting Microsoft products.

Once released, network administrators, security managers and IT professionals respond quickly to ensure patches are rolled out across systems to protect against known vulnerabilities.

What we did

© 2016 Avecto Ltdavecto.com

The key findings…

© 2016 Avecto Ltdavecto.com

› 524 vulnerabilities reported in total

› 52% increase compared to 2014

› 48% (251) given critical severity rating

› 62 Microsoft Office vulnerabilities – up 210% year-on-year

Microsoft vulnerabilities are on the rise

© 2016 Avecto Ltdavecto.com

Attack surface growing

52%

The increased volume and sophistication of cyber threats is shown in this year’s study.

In the space of a year, the number of Microsoft vulnerabilities increased by 52%.

© 2016 Avecto Ltdavecto.com

Removal of admin rights is key

The study revealed 86% of Critical Windows vulnerabilities could be prevented from executing simply by removing admin rights across the enterprise.

In 2015, 433 vulnerabilities were reported across Windows Vista, Windows 7, Windows RT, Windows 8 / 8.1 and Windows 10 operating systems compared to 300 in 2014.

© 2016 Avecto Ltdavecto.com

Closing the door on web-borne threats Web browsers present malware with a window of opportunity to enter the network.

Last year, there were 238 reported vulnerabilities that affected Internet Explorer (IE) versions 6 -11.

A total of 99.5% of these could be managed by the removal of admin rights alone, giving you a solid security foundation on which to build defense in depth.

© 2016 Avecto Ltdavecto.com

Get your copy

Download your copy of the 2015 Microsoft Vulnerabilities ReportClick here