Microsoft patched 524 vulnerabilities across its line of products in 2015, of which 251 were rated as critical severity, according to an analysis by security software company Avecto. Overall, 63 percent of all vulnerabilities Microsoft patched in 2015 could have been mitigated by removing administrator rights from user accounts, the company found.