Cybersecurity and Infrastructure Security Agency, part of US Department of Homeland Security, published a few days ago a list of most popularly exploited vulnerabilities in recent years.
Not surprisingly, most often exploited vulnerabilities concern Microsoft’s Object Linking and Embedding (OLE) technology. Also not surprisingly, for most of the vulnerabilities the relevant patches have been already released and keeping the systems up-to-date should provide good protection.
If you want to get a short executive summary, here is the list:
- and CVE-2018-7600
If you are interested in more details, check out the CISA website:
The vulnerabilities are reported as Alert AA20-133A.