Security consultant: Only 27 flaws were massively exploited by malicious software in 2009 and 2010. Memory corruption vulnerabilities accounted for 19 of the vulnerabilities exploited by such kits. If companies had turned on a security measure known as data-execution protection in Windows systems, they would have been immune to 14 of the 19 attacks based on memory corruption vulnerabilities. The lesson is to focus on countermeasures that foil these attacks, rather than patching every vulnerability, says Daniel Guido. The efforts should augment efforts to increase the overall security of the company, he says.”]
Source: https://www.csoonline.com/article/2128162/simple-defenses-are-sometimes-the-best.html