Microsoft products are top-rated worldwide. However, using these software products poses security risks to users. Atlas VPN released a report that shows the total number of vulnerabilities in Microsoft products. The total number reached 1,268 in 2020. This indicates an increase of 181% in five years. The data in this report were based on the vulnerability data published by Microsoft in security bulletins in the past year.
Windows: most vulnerable Microsoft product
In general, the number of vulnerabilities in Microsoft products has been steadily rising every year. 2016 is the year when Microsoft vulnerabilities jumped by 52%, from 451 to 685. In terms of product, the most vulnerable Microsoft product is Windows. It had a total of 907 issues, of which 132 were critical.
The second most vulnerable Microsoft product is the Windows server; however, it had the most significant number of critical issues. In 2020, 902 vulnerabilities were detected in Windows Server, of which 138 were critical.
Elevation of privilege: most common vulnerability
The most frequently detected issue in Microsoft products is the elevation of privilege that was discovered 559 times in 2020. This accounted for 44% of all Microsoft vulnerabilities in 2020.
Malicious actors aim to gain higher-level permissions on a system or network through elevation of privilege. These privileges allow the attacker to reach confidential data, run administrative commands, or install malware.
Remote code execution occupies the second spot on the list. It accounted for 27% of the total number of Microsoft vulnerabilities in 2020. Spoofing (104), denial of service (46), security feature bypass (30), and tapering (7) are the other kinds of issues discovered in Microsoft products in 2020.