{"id":105224,"date":"2026-04-22T11:00:01","date_gmt":"2026-04-22T07:00:01","guid":{"rendered":"https:\/\/techxmedia.com\/en\/?p=105224"},"modified":"2026-04-22T11:00:02","modified_gmt":"2026-04-22T07:00:02","slug":"beyondtrust-report-flags-surge-in-critical-vulnerabilities","status":"publish","type":"post","link":"https:\/\/techxmedia.com\/en\/beyondtrust-report-flags-surge-in-critical-vulnerabilities\/","title":{"rendered":"BeyondTrust Report Flags Surge in Critical Vulnerabilities"},"content":{"rendered":"\n

<\/p>\n\n\n\n

BeyondTrust<\/a>, the global leader in privilege-centric identity security protecting Paths to Privilege\u2122, has released the 13th edition of its annual Microsoft Vulnerabilities Report. The findings show a critical shift in the threat landscape.<\/p>\n\n\n\n

The report reveals that while total vulnerability volume appears to be stabilizing, critical vulnerabilities are rising sharply. This trend indicates that severity and exploitability are increasing.<\/p>\n\n\n\n

The analysis is based on publicly issued Microsoft security bulletins published throughout 2025. It highlights a changing risk profile driven by AI-accelerated vulnerability discovery, expanding cloud adoption, and more advanced attacker strategies targeting identity and privilege.<\/p>\n\n\n\n

According to James Maude, Field CTO at BeyondTrust, organizations should not focus only on declining totals. He stated that critical vulnerabilities have doubled, showing that risk is becoming more concentrated, especially around privilege. He added that Elevation of Privilege continues to dominate because attackers rely on it to reach critical systems.<\/p>\n\n\n\n

Maude also noted a ninefold increase in critical vulnerabilities across Azure and Dynamics 365. He emphasized that this reflects where risk concentration is happening. Furthermore, he said that rising identity compromise attacks and standing privileges mean patching alone is no longer sufficient. Organizations must treat every identity, human or machine, as a potential risk path.<\/p>\n\n\n\n

The report shows that Microsoft recorded 1,273 total vulnerabilities in 2025. This marks a 6% decrease from 1,360 in 2024. At first glance, this suggests improvement and reflects ongoing security investments.<\/p>\n\n\n\n

However, the report indicates that traditional tracking methods may not fully capture emerging risks. This is especially true as AI-<\/a>driven systems, non-human identities, and complex cloud environments evolve.<\/p>\n\n\n\n

At the same time, critical vulnerabilities doubled year over year, increasing from 78 to 157. This reverses a multi-year decline and highlights growing risk severity.<\/p>\n\n\n\n

In addition, Elevation of Privilege vulnerabilities accounted for 40% of all reported issues, totaling 509. This confirms their role as a primary method for attackers to escalate access, move laterally, and compromise systems.<\/p>\n\n\n\n

The report also identifies cloud and enterprise platforms as key drivers of risk expansion. Critical vulnerabilities in Microsoft Azure and Dynamics 365 increased ninefold, rising from 4 to 37.<\/p>\n\n\n\n

Similarly, Microsoft Office vulnerabilities surged to 157, more than tripling compared to the previous year. Critical vulnerabilities within Office increased tenfold, signaling increased risk in widely used tools.<\/p>\n\n\n\n

Meanwhile, some areas showed improvement. Microsoft Edge vulnerabilities dropped significantly to 50 in 2025, marking an 83% decrease year over year.<\/p>\n\n\n\n

Overall, the findings highlight a shift toward fewer but more severe vulnerabilities. As a result, organizations are being urged to strengthen identity and privilege security strategies, according to BeyondTrust.<\/p>\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

BeyondTrust, the global leader in privilege-centric identity security protecting Paths […]<\/p>\n","protected":false},"author":58,"featured_media":105226,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1595,9621],"tags":[1051],"contributor":[9732],"class_list":["post-105224","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","category-emerging-technologies","tag-vendors","contributor-news-desk"],"featured_image_src":"https:\/\/techxmedia.com\/en\/wp-content\/uploads\/2026\/04\/BeyondTrust.jpg.jpeg","author_info":{"display_name":"Lubna","author_link":"https:\/\/techxmedia.com\/en\/author\/lubna\/"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/techxmedia.com\/en\/wp-json\/wp\/v2\/posts\/105224","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techxmedia.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techxmedia.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techxmedia.com\/en\/wp-json\/wp\/v2\/users\/58"}],"replies":[{"embeddable":true,"href":"https:\/\/techxmedia.com\/en\/wp-json\/wp\/v2\/comments?post=105224"}],"version-history":[{"count":1,"href":"https:\/\/techxmedia.com\/en\/wp-json\/wp\/v2\/posts\/105224\/revisions"}],"predecessor-version":[{"id":105225,"href":"https:\/\/techxmedia.com\/en\/wp-json\/wp\/v2\/posts\/105224\/revisions\/105225"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techxmedia.com\/en\/wp-json\/wp\/v2\/media\/105226"}],"wp:attachment":[{"href":"https:\/\/techxmedia.com\/en\/wp-json\/wp\/v2\/media?parent=105224"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techxmedia.com\/en\/wp-json\/wp\/v2\/categories?post=105224"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techxmedia.com\/en\/wp-json\/wp\/v2\/tags?post=105224"},{"taxonomy":"contributor","embeddable":true,"href":"https:\/\/techxmedia.com\/en\/wp-json\/wp\/v2\/contributor?post=105224"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}