10 security holes exploited by hackers in 2018

Microsoft accounted for 8 of the top 10 vulnerabilities in the world most exploited by hackers in 2018. The other two positions on this list belong to Adobe Flash and Google Android vulnerabilities. This is a statistic made by analysts from Recorded Future, which specializes in fraudulent attacks and trojan malware distribution campaigns. Although manufacturers have now released security patches for those vulnerabilities, not all users have upgraded to these patches, so the level of losses continues to increase.

The fact that Microsoft is the most popular target for hackers is understandable because its technology is widely used all over the world.

The most exploited flaw, topping this list is the remote code execution vulnerability CVE-2018-8174, with the Double Kill nickname. This vulnerability is located in Windows VBSsipt and can be exploited by hackers via Internet Explorer.

Second on this list is the Zero-day CVE-2018-4878 Flash Adobe, first discovered in February 2018. After only a few hours of discovery by researchers, an emergency patch was released, but a large number of users were still hacked through the CVE-2018-4878 vulnerability because they did not upgrade this patch . Currently, the CVE-2018-4878 vulnerability has appeared in many other exploit kits. One of the most notable exploit kits is Fallout, which is used to power the still-growing ransomware software to this day, ransomware GandCrab. But this vulnerability will disappear by 2020 thanks to available patches.

Discovered in December 2016, CVE-2017-11882, the Microsoft Office software security vulnerability ranks third in the list of most exploited vulnerabilities in 2018. CVE-2017-11882 allows malicious code runs at a time when a user opens a modified file containing malicious code that could put their computer at risk of malicious software being compromised.

Here is a list of the 10 most exploited security vulnerabilities in 2018: