Kaspersky warns Indian enterprises of rising exploits on unpatched systems

Kaspersky has revealed that persistent software vulnerabilities continue to expose Indian businesses to cyber threats, with more than 7,34,526 exploit attempts blocked by Kaspersky enterprise solutions between January and June 2025, an average of over 4,000 attacks per day.

Exploits are malicious programs that take advantage of software or operating system vulnerabilities to gain unauthorised access. When systems remain unpatched, these flaws act as open doors for cybercriminals, increasing the risk of infiltration, data theft, or ransomware deployment.

Globally, Kaspersky’s Q2 2025 analysis found that the most targeted vulnerabilities were within Microsoft Office products, particularly affecting outdated or unpatched versions. The most frequently exploited flaws included:

• CVE-2018-0802: Remote code execution vulnerability in the Equation Editor component.

• CVE-2017-11882: Another Equation Editor vulnerability enabling arbitrary code execution.

• CVE-2017-0199: A vulnerability in Microsoft Office and WordPad allows attackers to take control of systems.

According to the report, the top 10 most exploited vulnerabilities included a mix of both new zero-day flaws and older unpatched issues that enterprises continue to overlook. Zero-day vulnerabilities, discovered by attackers before vendors can issue patches, remain a major threat due to their unpredictability and lack of immediate defence.

Kaspersky also observed that both cybercriminals and advanced persistent threat (APT) groups increasingly target remote access tools, document editors, and system logging frameworks. Notably, low-code/no-code (LCNC) platforms and frameworks for AI-powered applications are now appearing on attackers’ radars, signalling that threat actors are adapting rapidly to exploit emerging technologies as businesses embrace them.

LCNC platforms allow non-technical users and professional IT teams to build applications with minimal coding. However, their widespread adoption, if not properly secured, creates new entry points for attackers to escalate privileges and gain long-term access to enterprise networks.

“An almost 4% rise in exploits we blocked against Indian businesses during the first six months of the year may not sound big on paper, but it shows how persistent these threat actors are,” said Adrian Hia, Managing Director for Asia Pacific, Kaspersky. “This is where threat intelligence makes all the difference; it tells Indian businesses which doors the criminals are already rattling, so they can lock them before it’s too late.”

In total, Kaspersky solutions detected and blocked 22,96,414 web threats in India during the first half of 2025, a 13.7% increase compared to the same period last year. Web threats, which often begin online but impact broader systems, remain one of the most prevalent forms of enterprise compromise in India.

The findings underscore a growing concern: patch management and threat intelligence remain critical to securing enterprise IT ecosystems. As Indian organisations continue to adopt new technologies, including AI, LCNC platforms, and cloud environments, maintaining regular updates, timely patching, and proactive vulnerability management are essential to reducing attack surfaces and preventing costly breaches.

Read More:

How AI Is empowering SMBs to redefine customer experience

DEP’s Basant Sharma: AI and Digital Twins will define India’s next wave of manufacturing

How enterprise cloud is transforming in India with AI-native innovation?

Beyond Make in India: How IMS 2025 is powering the next era of industrial self-reliance