This doesn’t necessarily mean it’s less secure, though

Feb 7, 2017 11:04 GMT  ·  By

A new research conducted by RiskBased Security and analyzing vulnerabilities reported in 2016 reveals that, last year, Microsoft patched a bigger number of security flaws than in 2015, with Internet Explorer and Windows 10 now topping a chart for all-time vulnerability count.

Specifically, the study shows that last year Microsoft addressed a total of 729 vulnerabilities in its software, more than the 703 confirmed for 2015. What’s a bit worrying, however, is that this is nearly the double of the vulnerability count in 2014, when Microsoft found and fixed 383 security flaws.

The research also indicates that Internet Explorer continues to be the Microsoft application with the biggest number of vulnerabilities, with an all-time chart indicating that the browser was affected by no less than 1,261 flaws.

Surprisingly, however, Windows 10 is the runner-up, with Microsoft’s latest operating system getting the second spot with 705 vulnerabilities. Windows 10 was launched in July 2015 and 2016 was its first full year on the market.

Windows Server 2012 is third with 660 vulnerabilities, while Windows 7 comes next with 647 flaws. Windows Vista is fifth with 621.

Users not exposed despite the bigger number of vulnerabilities

What’s essential to know is that although the number of vulnerabilities increased in Windows 10, this doesn’t necessarily mean that the latest operating system is less secure than its predecessors.

Most of these vulnerabilities were privately reported to Microsoft and they were fixed before any exploits went public, so users weren’t exposed to any attacks.

At the same time, Microsoft is also paying particular attention to making Windows 10 capable of mitigating zero-day vulnerabilities even when no patch is available. Recently, the company revealed that Windows 10 Anniversary Update, which was launched in August 2016, managed to cope with attacks aimed at exploiting unpatched vulnerabilities in the operating system, keeping users secure until Microsoft actually delivered a fix.

Furthermore, Microsoft has already started downplaying Windows 7, explaining that it’s less secure than Windows 10 and pointing to the security features that its latest operating system has and which are missing because of the obvious technical limitations on its predecessors.