Windows 10 users have been warned about the security threats they risk being hit with when using Microsoft software.
Windows 10 is now the most popular operating system in the world, after overtaking the ageing Windows 7 in the OS popularity ranks.
Latest stats from Netmarketshare give Windows 10 a 40.30 per cent chunk of the OS marketplace.
This is compared to Windows 7’s 38.41 per cent share of the operating system market.
Overall, all versions of Windows have a staggering 87.43 per cent chunk of the OS marketplace.
And this huge userbase of PC fans has been put on alert about the risks associated with Microsoft software.
A new study revealed eight out of the top 10 vulnerabilities exploited by cybercriminals in 2018 targeted Microsoft software.
The report by Recorded Future said these vulnerabilities were exploited as part of phishing, exploit kit or remote access trojan (RAT) attacks.
Windows 10 update – Bad news for Microsoft fans as shock security risk revealed
In a post online, Kathleen Kuczma explained: “For the second year in a row, Microsoft was consistently targeted the most, with eight of the top 10 vulnerabilities impacting its products.
“In 2017, seven of the top 10 vulnerabilities also affected Microsoft. Conversely, the majority of 2016 and 2015’s top vulnerabilities targeted Adobe Flash Player.”
The study revealed the top exploited vulnerability was CVE-2018-8174 – which affected Microsoft’s Internet Explorer web browser.
Other top vulnerabilities affected Microsoft Office and Adobe Flash Player.
Kuczma explained: “The top exploited vulnerability on the list, CVE-2018-8174, a Microsoft Internet Explorer vulnerability nicknamed “Double Kill,” was included in four exploit kits (RIG, Fallout, KaiXin, and Magnitude).
“Exploit kits associated with this vulnerability were noted to spread the malware Trickbot through phishing attacks.
“The Magnitude exploit kit delivered Magniber ransomware, which primarily targeted users in Asia where computer default languages were in Korean, Chinese, or Malay.”
Kuczma also added that another Internet Explorer vulnerability had made the top 10 list for three years in a row.
Windows 10 is the most popular operating system in the world
This marked a first for the study conducted by the threat intelligence experts.
Explaining why this was the case, Kuczma said: “For the first time, a vulnerability has made the top 10 vulnerability list three years in a row — CVE-2016-0189.
“Why has this vulnerability persisted?
“For starters, CVE-2016-0189 is not dependent on one version of Internet Explorer (it impacts IE 9 through 11), resulting in a more reliable vulnerability to exploit.
“Because of this versatility, the vulnerability has been successfully incorporated into a variety of various exploit kits over the years, as many as five in 2018 (Underminer, Magnitude, Grandsoft, KaiXin, and RIG).
“Additionally, there are no mitigating factors available to prevent CVE-2016-0189 — the only workarounds are restricting access to two common dynamic-linked library files: VBScript.dll and JScript.dll.”
Windows 10 has overtaken Windows 7 as the world’s most popular browser
The study also offered advice on how to stay safe from the aforementioned vulnerabilities. It suggested that PC fans…
• Prioritise patching of all the vulnerabilities identified
• Do not forget to patch older vulnerabilities — the average vulnerability stays alive for nearly seven years
• Remove the affected software if it does not impact key business processes
• Consider Google Chrome as a primary browser