Apple computers, although they have increased their general security by reducing their vulnerability by 29% from 2022 to 2023, are not immune to attempts to challenge the protections of their operating system, while the exploitation or use of vulnerabilities has. increased by 30% in the last year, according to the report published by the cybersecurity firm Action1.
Specifically, macOS systems recorded an increase in the exploitation rate of 7%, while on iOS (iPhone) systems this same rate has increased by 8%.
In its 2024 Software Vulnerability Ratings Report, published This June 18 and aimed at business software vulnerabilities, the greater use of vulnerabilities found in macOS operating systems is one of the five key trends included in the study:
- Record exploitation rates for NGINX (100%) and Citrix (57%).
- Increased exploitation rates for macOS and iOS, where macOS saw a more than 30% increase in exploited vulnerabilities.
- MSSQL Server experiences a staggering 1600% increase in critical vulnerabilities, all of them RCE.
- MS Office saw an increase in exploitation rates of 5% in 2023.
- The Edge browser witnessed a record number of RCE vulnerabilities, which increased by 17% in 2023.
On the other hand, the increase in the use of Microsoft Office vulnerabilities shows that attackers are seeking to take full advantage of human error. “Critical MS Office vulnerabilities account for nearly 80% of the total annual vulnerability count, and up to 50% are RCE. In 2023, Microsoft saw its exploitation rate increase to 7%, compared to 2% in 2022. These findings underline attackers’ exploitation of user-facing software prone to human error,” they indicate from Action1.
The acronym RCE stands for “Remote Code Execution”, and refers to those cyberattacks in which the malicious actor manages to infect the computer or activate the malware remotely, either by limiting itself to deploying malicious software or even gaining total control over it. remote device.
Cybercriminals target enterprise software
Mike Walters, president and co-founder of the cybersecurity company, indicates that “with the delay of the NVD [National Vulnerability Database] “In associating Common Vulnerabilities and Exposures (CVE) identifiers with CPE (Common Platform Enumeration) data, our report comes at a critical time and provides much-needed insights into the ever-evolving vulnerability landscape for enterprise software.”
“Our goal is to equip key decision makers with essential knowledge so they can prioritize their vulnerability monitoring efforts using alternative approaches, while challenging traditional reliance on NVDs. In light of the NVD crisis, the cybersecurity community needs to share information and build stronger relationships between private cybersecurity companies, academic institutions, and other threat intelligence platforms to facilitate holistic and timely data sharing so that all “organizations can improve their security posture,” says the manager.
The NVD crisis to which Walters refers responds to a series of critics received by the US National Vulnerabilities Database, which according to some media, is suffering significant delays from the discovery of vulnerabilities to the correct registration in the database from which it can be made known, and served to cybersecurity professionals in the country.
