Microsoft recorded 1,228 security vulnerabilities in 2023, representing a 5% decline from the year prior and the steady prevalence of reported security issues since 2020, TechRepublic reports.
Such a decrease in reported security flaws may be due to Microsoft's tighter partnership with security researchers and its crackdown on various means of potential exploitation, including the end of support for Internet Explorer and other security enhancements in Office apps, according to a BeyondTrust report, which also showed a slight reduction in the number of critical vulnerabilities reported by the tech giant between 2022 and 2023.
Most of the flaws reported by Microsoft last year were privilege escalation issues, followed by remote code execution, information disclosure, and denial-of-service bugs, while most of the critical vulnerabilities were found in Windows Desktop and Server instances.
"As the overall number of Microsoft vulnerabilities stabilizes and the number of critical vulnerabilities decreases, we see that attackers, much like water, will flow to the path of least resistance and focus much more of their attention on identities," said the report.