The security firm ESET published a new report named “Windows exploitation in 2015”. The document contains statistical information about security headlines of Windows vulnerabilities and numbers which are compared with 2014 report.
Main sections are about new security features in Google Chrome, Microsoft Edge, information about Hacking Team exploits, and new features of Microsoft’s Enhanced Mitigation Experience Toolkit (EMET).
We can easily understand the reason of Microsoft’s support ending for web browsers Internet explorer before version 11 from January 16,2016 (excluded Windows Vista SP2 (IE9) or Windows
Server 2012 (IE10)). Table-1 clearly lists the CVE names and number which were discovered during the year 2015.
Another interesting table is about the vulnerabilities of Windows UMC (User Mode Components). These vulnerabilities can be used by attackers to implement remote execution of malicious code (RCE) or to gain maximum privilege in a system. The report also shows that in 2015, 4 times more vulnerabilities were fixed in UMC category by Microsoft than 2014.
We are recommending to read this report on ESET’s website.