Since the report debuted in 2013, it has garnered over 15,000 downloads and has benefited thousands of users with detailed data analysis and expert findings. In this year's edition, get additional insights garnered from a decades-worth of vulnerability analytics and much more.
This 10-year anniversary edition of the Microsoft Vulnerabilities Report dissects the 2022 Microsoft vulnerabilities data and highlights some of the key shifts since the inaugural report.
Read the full report for a deeper dive into these findings so you can better understand, identify, and address the risks within the Microsoft ecosystem.
This report will spotlight some of the most significant CVEs of 2022 (9.0+ CVSS severity scores), break down how they are leveraged by attackers, demonstrate how they can continue to "snowball" despite patching, and explain how they can be prevented or mitigated. You’ll also gain prescriptive advice for effectively addressing vulnerabilities, access to the expert commentary of noteworthy industry leaders, and a special AI guest will weigh in as we look ahead to how the next decade of threats, vulnerabilities, and cyber defenses may unfold.
Find out how this year’s Microsoft vulnerability findings align to the 10-year trends--and why it might be a case of "Mo Money Mo Problems” for Microsoft.
Find out how vulnerabilities have trended between categories (including Elevation of Privilege and Remote Code Execution) and between Microsoft products, and more importantly, why.
Learn why the vulnerability count can start to snowball--even after a vulnerability is found and patched.
Hear from notable industry figures, such as Jane Frankland, CEO, KnewStart Founder, IN Security Movement; Derek Hanson, Vice President Solutions Architecture & Alliances, Yubico; Charles Henderson, Global Managing Partner & Head of X-Force, IBM; Troy Hunt, Founder & CEO, Have I Been Pwned, Microsoft Regional Director & MVP; Paula Januszkiewicz, CEO, CQURE; Marc Maiffret, Chief Technology Officer, BeyondTrust; Avi Shua, CEO & Co-Founder, Orca Security.
And don't miss a special commentary from our featured AI guest.
Learn 5 indispensable mitigation strategies for securing your Microsoft environment.
Timely patching is an important way to minimize the chance of a vulnerability-related breach. Yet, with this strategy alone, organizations will still be at risk of zero-day exploits. In addition, patching vulnerabilities is not always practical or desired by an organization. That’s why it’s crucial to have proactive security defenses, such as a least privilege posture, in place.
This proactive approach can provide highly effective protection, even in the absence of patching. Removing local admin rights, and controlling execution, has historically mitigated 75% of Microsoft’s critical vulnerabilities.
When it comes to reducing the risk associated with Microsoft critical vulnerabilities, BeyondTrust Privileged Access Management (PAM) delivers a robust range of benefits. This includes gaining proactive protection against external threats (ransomware, malware, etc.) and insider threats.