US-CERT lists the 10 most-exploited security bugs and, yeah, it’s mostly Microsoft holes people forgot to patch

Update, update, update. Plus: Flash, Struts, Drupal also make appearances

Vulnerabilities in Microsoft Windows, Office, and Windows Server, for which patches have been available for years, continue to be the favorite target for hackers looking to spread malware.…

...continue reading...

Source: Theregister.co.uk/security / Article: "US-CERT lists the 10 most-exploited security bugs and, yeah, it's mostly Microsoft holes people forgot to patch"