Compiled by Avecto, this report analyses the data from security bulletins issued by Microsoft throughout 2016. Microsoft bulletins are typically issued on the second Tuesday of each month, a date commonly referred to as "Patch Tuesday", and contain fixes for vulnerabilities affecting Microsoft products that have been discovered since the last bulletin’s release.
With the release of Windows 10, Microsoft reduced the response time between vulnerability discovery (Zero Day) and the patch being rolled out, by releasing them as soon as they are available.
The 2016 Microsoft Vulnerabilities Report is the fourth version of Avecto's research. During this period the number of vulnerabilities has risen by 60%, from 333 to 530.
In 2015, there were a total of 251 Critical vulnerabilities, this dropped to 189 in 2016, while in 2014 there were 240.
The report finds that the risk associated with 94% of Critical vulnerabilities could be mitigated by removing admin rights.
Download the full report
The 2016 report takes an in-depth look at the vulnerabilities affecting Windows, Office, browsers Windows Server and more - highlighting the clear case for admin rights removal in the enterprise as part of a proactive approach to endpoint security.