MicroNet Systems Integrations

Attackers are Weaponizing Vulnerabilities at Record Rates

Attackers are Weaponizing Vulnerabilities at Record Rates

2018 was a big year.

 

It saw a 138% increase in weaponized vulnerabilities on Adobe products from the previous year, according to a new report.

 

And it doesn’t stop there.

 

Here are some of the highlights from the report:

The report also found that most exploits are out there before a patch is.

 

The extensive analysis of vulnerabilities and weaponization patterns of Adobe products goes as far back as August 1996 and spans 2,891 Common Vulnerabilities and Exposure (CVE) entries.

 

Cloud-based products are the most vulnerable.

Adobe first started offering cloud-based delivery of its products in 2015. That’s when vulnerabilities increased by 357 from 2014.  

 

The most common vulnerability?

Buffer Overflow.

Among the 2,891 vulnerabilities investigated;

Buffer Overflow was the most common type of vulnerability. It was followed by Out-of-bounds Read (195 Common Vulnerabilities and Exposure entries or CVEs) and Use After Free (160 CVEs) types.  

 

The most vulnerable product?

Adobe Acrobat Reader products had by far the most vulnerabilities. It contained 1,338 vulnerabilities in all. When Acrobat DC was introduced in 2015, 137 vulnerabilities were reported.

 

2016 saw an overall increase in the total number of vulnerabilities and high level vulnerabilities.  They jumped overall to 538, from 496 that year. The number of high level vulnerabilities also jumped from 429 to 480 in 2016. However, in 2017, there was a dramatic decrease in overall vulnerabilities across the board. And in 2018, there was a slight increase in overall vulnerabilities, but a sharp drop in high level vulnerabilities.

 

This is a major security concern, particularly for businesses, since such a large amount of businesses and organizations rely on many different Adobe products to conduct their work for themselves and clients.

 

If you want better protection for your business computer network, check out our Managed Services Plan. You’ll get full protection, 24/7, for about $1.33 a day.  

 

Resources:

https://go.risksense.com/WC-Adobe-Spotlight.html?utm_source=website&utm_medium=press