Majority of top vulnerabilities targeted last year were disclosed in the past two years, agencies from the United States, United Kingdom, and Australia have said, with Microsoft Office CVE dating from 2017.
Article Link: Get patching: US, UK, and Australia issue joint advisory on top 30 exploited vulnerabilities | ZDNet