aidarrow-end-inversearrow-endWhy choose AvectoAchieve complianceOperational efficiencycompliancedefendpoint-coloureddefendpoint-thin-2DesktopScaleResources.iconsAsset 21insider-threatsavecto-logo-smallquotation-marksransomwareResources.iconsResources.iconsResources.iconsResources.iconsResources.iconsResources.iconssafePrevent attacksAsset 19social-engineeringTrustedtriangleStop insider attacksAsset 20Resources.iconsResources.iconszero-days

Download the report

Introduction

Compiled by Avecto, this report analyses the data from security bulletins issued by Microsoft throughout 2016. Microsoft bulletins are typically issued on the second Tuesday of each month, a date commonly referred to as "Patch Tuesday", and contain fixes for vulnerabilities affecting Microsoft products that have been discovered since the last bulletin’s release.

With the release of Windows 10, Microsoft reduced the response time between vulnerability discovery (Zero Day) and the patch being rolled out, by releasing them as soon as they are available.

The 2016 Microsoft Vulnerabilities Report is the fourth version of Avecto's research. During this period the number of vulnerabilities has risen by 60%, from 333 to 530.

In 2015, there were a total of 251 Critical vulnerabilities, this dropped to 189 in 2016, while in 2014 there were 240.

The report finds that the risk associated with 94% of Critical vulnerabilities could be mitigated by removing admin rights.

What can we learn from the vulnerabilities report

Download the full report

The 2016 report takes an in-depth look at the vulnerabilities affecting Windows, Office, browsers Windows Server and more - highlighting the clear case for admin rights removal in the enterprise as part of a proactive approach to endpoint security.