Eight out of the top ten vulnerabilities exploited by cybercriminals as part of phishing, exploit kits, or remote access trojan (RAT) attacks during 2018 targeted Microsoft’s software products. Microsoft continues to be the main target of malicious actors following a similarly “busy”” 2017 when the top exploited vulnerabilities changed focus from Adobe’s Flash Player to Microsoft’s products. The number of new exploit kits leveraged by bad actors during the last year dropped by 50% according to the report.”
Source: https://www.bleepingcomputer.com/news/security/80-percent-of-the-top-exploited-vulnerabilities-targeted-microsoft-in-2018/