Microsoft is known for its leading software products such as the Windows operating system for personal computers, the Microsoft Office suite of productivity software including Word, Excel, PowerPoint, Access, and the Internet Explorer and Edge web browsers. These products have also dominated the market, with the Windows operating system taking over 75 percent of the market share world wide, and over 60 percent in the US. Among these top users are veterinary practices in the US and around the world.
However, one aspect that is mostly ignored by Microsoft products’ users is their vulnerability to cyberattacks. Today, most cybersecurity experts agree that Microsoft products are among the most vulnerable software products in the market today, not due to a lack of security measures, but due to their large attack surface and predominant use in enterprise. As a result, Cyber criminals develops programs that can have an impact on as many devices as possible, and with more than a 75% market share for most of their products, Microsoft becomes the number one target.
Data on Microsoft products’ vulnerabilities
Research conducted last year by Atlas VPN Analysists found the number of vulnerabilities in Microsoft products to have reached 1,268 within a span of one year. The research also showed that the most affected Microsoft product was their operating system, Windows, which had a total of 907 vulnerabilities, out of which 132 were classified as critical.
Among the top vulnerabilities that the research found was the elevation of privilege in Microsoft products. These vulnerabilities made up nearly half of all the vulnerabilities detected. The elevation of privilege allowed cybercriminals go gain higher-level permissions on a system or network. The cybercriminals can then use the privileges obtained to steal confidential data, run administrative commands and install malware in computer systems.
The second vulnerability that the research found was remote code execution. This is when cybercriminals are able to execute any type of code remotely on their victims’ computers. Among some of the cyberattacks that are a result of this type of vulnerability are the ransomware attacks, that spiked last year, causing millions of dollars in losses.
In third place was the leaking of information from Microsoft products to unintended and unauthorized parties. According to the data, these types of vulnerabilities account for 14% of all vulnerabilities disclosure can expose private customer data to cybercriminals, which they can use to compromise and extort ransom.
When looking at the most vulnerable Microsoft product, the research found that their operating system, Windows, was the most vulnerable. However, this was not due to Microsoft’s lack of security measures, it was due to the amount of market share that the operating system holds in the market, making it more economically viable for cybercriminals to create malware targeting the most popular operating system in the market. Windows Server was recorded as having the largest number of vulnerabilities. The product, which is critical to most businesses and organizations, is also a top target for cybercriminals looking to cripple operations and extort money or steal data.
Other Microsoft products such as Edge, Internet Explorer, and Office Sutes were also found to have vulnerabilities that cybercriminals used to target them.
Recent High-Profile Microsoft vulnerabilities
Late last year, one of Microsoft’s products, Microsoft Exchange servers, was compromised by a China-based, government sponsored hacking group known as HAFNIUM. The Exchange server is one of the most popular products from Microsoft, and which most veterinary practices use, directly or indirectly, to host their practice management systems, their data, cloud services, and other services. The compromise allowed hackers to install web shells that enabled them to remotely administer these servers. The zero-day exploit also allowed cybercriminals to establish a permanent presence on these servers without being detected, and it is estimated that thousands, if not millions, of servers were compromised during the attack.
Although the cybersecurity threat was patched by Microsoft, the threat in Microsoft products still continues to impact veterinary practices around the world.
In March of this year, Microsoft released an update that patched 92 vulnerabilities. According to the company, three of these vulnerabilities were zero-day vulnerabilities that can be used by hackers to carry out massive cyberattacks that affect millions of personal computers around the world. Some of these patches include:
Remote Desktop Client remote code execution that could have allowed execution of code by attacker with control of a Remote Desktop Server on the Remote Desktop Protocol (RDP) client machine when a victim connects to the attacking server with the vulnerable Remote Desktop Client. Although such an attack is hard to carry out, the vulnerability was fixed to avoid future workarounds that would have compromised millions of computers.
Windows Fax and Scan service could have allowed attackers to escalate their privileges in a network resulting in a wide attack. In most veterinary practices, Fax and scanners and printers are part of their network, and such vulnerabilities would have exposed them to cyberattacks.
Exchange server: Microsoft is still in the process of fixing all Exchange server vulnerabilities after last year’s attacks. On March, they fixed the High Efficiency Video Coding (HEVC) which could have allowed attackers to convince victims to download and open specially crafted files that could have led to crashes.
The VP9 video extensions was also fixed. The vulnerability worked the same way as the High Efficiency Video Coding vulnerability and could have allowed cyberattackers to trick victims into downloading files that crashed their systems.
Conclusion for Veterinary practices
Microsoft products still remain a market leader in the software industry. Their products are also some of the most secure in the industry. However due to their market share, Microsoft products are the most vulnerable to attacks. In recent years, cyberattacks targeting Microsoft products have impacted veterinary practices, resulting in millions of dollars in losses.
To prevent attacks arising from vulnerabilities arising from Microsoft products, practice owners should ensure that all their software are patched with the latest security updates. They should also keep up to date with the latest vulnerabilities to find out whether they are likely to be targeted. It is also important to protect your Windows computer with programs such as anti-virus and anti-malware to avoid getting attacked by cybercriminals and ransomware gangs.
Need help managing the security updates with your Microsoft products? Lucca can make this much easier for you! Schedule a FREE call to see how Lucca can help to keep your hospital safe.