Trustworthy Computing today released the report, “Software Vulnerability Exploitation Trends,” which looks at the long-term impact of security mitigations that Microsoft has implemented to address software vulnerabilities. The analysis is based on seven years of security vulnerabilities that were addressed through Microsoft security updates and are known to have been exploited.
The study was conducted by the Microsoft Security Engineering Center, which conducts some of the most advanced security science research in the industry, and the Microsoft Security Response Center, which identifies, monitors, resolves, and responds to security incidents and Microsoft software security vulnerabilities.
Here are some of their key findings:
- The number of remote code execution (RCE) vulnerabilities that are known to be exploited per year appears to be decreasing.
- Vulnerabilities are most often exploited only after a security update is available, although recent years have shown an upward trend in the percentage of vulnerabilities that are exploited before a security update is available.
- Stack corruption vulnerabilities were historically the most commonly exploited vulnerability class, but now they are rarely exploited.
- “Use after free” vulnerabilities are currently the most commonly exploited vulnerability class.
- Exploits increasingly rely on techniques that can be used to bypass Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR).
Director of Trustworthy Computing Tim Rains talks about why Microsoft conducts these studies and how they help both Microsoft and our customers. To learn more, go to Rains’ post on the Microsoft Security Blog.
Deborah Pisano
Microsoft News Center Staff