Windows zero-days don’t usually work against the latest OS version



Attacks using zero-days are rarely effective against the most recent versions of Windows, according to Matt Miller, a security engineer with the Microsoft Security Response Center.

In new statistics released today, Miller said that only around 40% of all Windows zero-days were successfully exploited against the latest Windows versions since 2015.

This means that the vast majority of Windows zero-days used in live attacks only work against older versions of the OS, and users who kept their operating systems up to date where safeguarded from some of these attacks.

Per Miller, in two out of three cases, the zero-days didn’t work against recent versions of Windows due to the mitigations Microsoft had added to the OS.

Read more…