Exploits and vulnerabilities in Q3 2024

Q3 2024 saw multiple vulnerabilities discovered in Windows and Linux subsystems that are not typical targets of cyberattacks. This is because operating system developers have been releasing new security mitigations for whole sets of vulnerabilities in commonly used subsystems. For example, a log integrity check is set to appear in the Common Log Filing System (CLFS) in Windows, so the number of exploits for it will drop. Linux, for its part, has the Linux Kernel Runtime Guard (LKRG), implemented as a separate kernel module. Although the first version of LKRG was released back in 2018, it is undergoing constant refinement and is becoming more actively used in various Linux builds.


Statistics on registered vulnerabilities


As is customary, this section presents statistics on registered vulnerabilities. The data is taken from cve.org.



Total number of registered vulnerabilities and number of critical ones, Q3 2023 and Q3 2024


Q3 2024 preserved the upward trend in the number of vulnerabilities detected and registered. As before, the graph shows an increase relative to the same period in 2023 in both the total number of vulnerabilities and the number of critical ones. Notably, the number of discovered vulnerabilities over the three quarters is almost four-fifths of the whole of last year’s figure, further evidence of a marked increase.



Number of vulnerabilities and the shares of those that are critical and of those for which exploits exist, 2019–2024