Researchers at Recorded Future have released a list of top vulnerabilities that saw mass exploitation from threat actors in 2019. Six of these commonly exploited vulnerabilities for the year are repeats from 2018. Apparently, all these repeated vulnerabilities are related to Microsoft products.
Although patches for all these reported vulnerabilities already exist, software patching is often not performed in a timely manner by companies and individuals.
List of commonly exploited flaws
1. CVE-2018-15982 – Adobe Flash Player
2. CVE-2018-8174 – Microsoft Internet Explorer
3. CVE-2017-11882 – Microsoft Office
4. CVE-2018-4878 – Adobe Flash Player
5. CVE-2019-0752 – Microsoft Internet Explorer
6. CVE-2017-0199 – Microsoft Office
7. CVE-2015-2419 – Microsoft Internet Explorer
8. CVE-2018-20250 – Microsoft WinRAR
9. CVE-2017-8750 – Microsoft Internet Explorer
10. CVE-2012-0158 – Microsoft Office
The bottom line
The most effective step that can be taken to protect networks from falling victims to attacks that exploit these vulnerabilities is to ensure all products are up to date. Organizations must apply the required patches as soon as possible.