Emerging vulnerabilities to watch in Q4 2025

Mar 8, 2026 | Threat Intelligence Research

High-Profile Vulnerabilities Increase Amid Exploitation Trends

The fourth quarter of 2025 saw a significant increase in critical vulnerabilities, particularly in mainstream software and libraries, according to research conducted by Kaspersky. The report highlights that these vulnerabilities were quickly exploited in the wild, intensifying the threat landscape.

In Q4 2025, well-known vulnerabilities persisted as prime targets for attackers, with many exploits aimed at unpatched flaws in Microsoft Office products. Specific vulnerabilities such as CVE-2018-0802, CVE-2017-11882, and CVE-2017-0199 were among the most frequently exploited, emphasizing the need for quick updates. Additionally, the exploitation of directory traversal vulnerabilities in archivers like WinRAR showed that attackers are adapting techniques for initial system access, exemplified by CVE-2023-38831 and CVE-2025-6218. Notably, the analysis reported a surge in exploit attempts on Linux systems, particularly against CVE-2022-0847 and CVE-2023-32233, indicating that Linux environments are increasingly at risk.

Defensive Context
Organizations using popular software tools—especially Microsoft products—are at heightened risk due to the prevalence of these known vulnerabilities. Those that rely on Windows and Linux operating systems must remain vigilant. The vulnerabilities discussed can be leveraged by attackers for initial access, making it crucial for environments to maintain updated software.

Why This Matters
The statistics illustrate that critical vulnerabilities are being actively exploited, especially in environments where large user bases utilize outdated software. Organizations running Microsoft Office or Linux-based systems, particularly those accommodating consumer devices, should be aware of the immediate risks presented by these threats.

Defender Considerations
Defenders should prioritize the prompt application of security patches for the vulnerabilities listed in the report, particularly those like CVE-2018-0802 and CVE-2022-0847, which have been actively exploited. Continuous monitoring of exploit attempts in the environment is recommended, especially for software that handles untrusted inputs, like archivers.

Indicators of Compromise (IOCs)
The following significant vulnerabilities are critical for awareness and monitoring:
– CVE-2018-0802
– CVE-2017-11882
– CVE-2017-0199
– CVE-2023-38831
– CVE-2025-6218
– CVE-2022-0847
– CVE-2023-32233
