By understanding Windows based
vulnerabilities, organizations can stay a step
ahead and ensure information availability,
integrity, and confidentiality. Listed below are
the Top 10 Windows Vulnerabilities:
- Web Servers - mis-configurations,
product bugs, default installations, and
third-party products such as php can
- Microsoft SQL Server - vulnerabilities
allow remote attackers to obtain sensitive
information, alter database content, and
compromise SQL servers and server hosts.
- Passwords - user accounts may have weak,
nonexistent, or unprotected passwords. The
operating system or third-party applications
may create accounts with weak or nonexistent
- Workstations - requests to access
resources such as files and printers without
any bounds checking can lead to
vulnerabilities. Overflows can be exploited
by an unauthenticated remote attacker
executing code on the vulnerable device.
- Remote Access - users can unknowingly
open their systems to hackers when they
allow remote access to their systems.
- Browsers – accessing cloud computing
services puts an organization at risk when
users have un-patched browsers. Browser
features such as Active X and Active
Scripting can bypass security controls.
- File Sharing - peer to peer
vulnerabilities include technical
vulnerabilities, social media, and altering
or masquerading content.
- E-mail – by opening a message a
recipient can activate security threats such
as viruses, spyware, Trojan horse programs,
- Instant Messaging - vulnerabilities
typically arise from outdated ActiveX
controls in MSN Messenger, Yahoo! Voice
Chat, buffer overflows, and others.
- USB Devices - plug and play devices can
create risks when they are automatically
recognized and immediately accessible by
Windows operating systems.
Network security audits help organizations
identify, manage, and reduce their network and
desktop security risks. Formal and
ensure a top down approach to managing network
Security Blog menu
Tags: top 10 windows vulnerabilities | top
10 windows risks | windows security risks |
desktop security risks