According to Matt Miller, a security engineer with the Microsoft Security Response Center, many zero-day vulnerabilities are ineffective against the newest versions of Windows 10.
Miller analyzed zero-day attacks from 2015 to 2019 — focusing on how exploitation attacks have become less frequent since the release of Windows 10. The report concluded that over 40% zero-day attacks have failed to affect Windows 10 since 2015 owing to the mitigations added in the latest operating system.
At the BlueHat Israel security conference back in February, Miller stated that most Windows vulnerabilities are now being exploited as zero days. These vulnerabilities are targeted either before Microsoft gets a chance to release a patch or in a case when companies fail to patch a vulnerability.
Two out of three is not enough
According to Miller, in two out of three cases, the zero-day attack didn’t work with newer Windows 10 updates. But one could also say that only one out of three attacks were able to breach the “most secure OS system.”
In a study conducted by Ponemon Institute back in 2018, zero-day vulnerabilities and file-less attacks were considered the most dangerous risks to an enterprise. While a big enterprise would be able to come up with a patch quite early, many small enterprises do not have enough money to develop patches. Every day that goes without a patch leads to loss of huge sum of money.
Back in October, a researcher discovered a zero-day vulnerability in Windows 10 that allowed attackers to delete files without user permission. While Microsoft was quick to fix it, attacks like these have been going on for many years.