Windows 10 Has More Vulnerabilities Than Any Other OS

A security analysis of Windows 10 has shown that the software has more vulnerabilities than any other operating system, and that it has nearly 50% more than Windows 8 and 8.1. The report, commissioned by security company Avecto, found particular fault with Microsoft’s two internet browsers – Internet Explorer and Edge – and found that 100% of vulnerabilities in both could be mitigated by merely removing admin rights.

The report – led by Mark Austin, co-founder and co-CEO at Avecto, and Marco Peretti, Chief Technology Officer – found that:

• In total, 530 Microsoft vulnerabilities were reported in 2016, with 36% (189) given a critical severity rating. Of these critical vulnerabilities, 94% were found to be mitigated by removing admin rights, up from 85% reported last year.
• Despite being Microsoft’s newest and ‘most secure’ operating system, Windows 10 was found to have the highest proportion of vulnerabilities of any OS (395), 46% more than Windows 8 and Windows 8.1 (265 each). Avecto’s report found that 93% of Windows 10 vulnerabilities could be mitigated by removing admin rights.
• 100% of vulnerabilities impacting Internet Explorer could be mitigated by removing admin rights, including 100% of the vulnerabilities affecting the latest browser, Edge.
• Microsoft Office products were the subject of 79 vulnerabilities, up from 62 last year. This represents a 295% increase in Office vulnerabilities since 2014. Of the 79 vulnerabilities impacting Office, 17 were classed as Critical, meaning that all businesses using the software were potentially vulnerable to attack.

“Both Marco and I have a shared belief that the key to achieving effective endpoint security is to get the foundations right,” Austin said. “In the 20 years or so that Marco and I have been working in this industry, organizations are still neglecting the basics and skipping straight to the latest ‘next gen’ solution.”

“Privilege management and application control should be the cornerstone of your endpoint security strategy, building up from there to create ever stronger, multiple layers of defense,” he explained. “These measures can have a dramatic impact on your ability to mitigate todays attacks. Times have changed; removing admin rights and controlling applications is no longer difficult to achieve.”

“As a team, Avecto is collectively drawing on years of experience and knowledge to further invest in the capabilities of our Defendpoint software, which uniquely marries together privilege management, application control and content isolation in one solution,” Peretti added. “It’s our belief that privileged escalation attacks can be a thing of the past, not only on Windows machines, but also on Macs. Technology like Defendpoint makes that possible, but we need the wider community to sit up and take notice.”