Google: 2021 was a record year for zero-day vulnerabilities

top cybersecurity companies

The number doubles to 58. Applications and operating systems such as Chrome, Android, Windows and iOS are affected.

2021 was a record year in terms of the number of zero-day vulnerabilities in software like ChromeWindows, Safari, AndroidiOS, Firefox, Office and Exchange. Last year, Google’s Project Zero recorded a total of 58 vulnerabilities that were exploited in the wild before a patch from the manufacturer was available.

The number is more than double the annual detection rate of zero-day exploits in the wild since GPZ began tracking zero-days in mid-2014.

While zero days discovered in the wild represent a “failure” for attackers, notes Maddie Stone, researcher Google Project Zero, in a blog post, pointed out that “without the exploit pattern or a detailed technical report based on the pattern, we can only focus on remediating the vulnerability rather than mitigating the exploitation method as well.”

Google demands broader access to details about known zero-day vulnerabilities

According to Google, this means that attackers can continue to use their existing exploit methods. Attackers are not forced to invest in new methods.

Google hopes more software vendors will disclose that vulnerabilities are already being actively exploited. It is also necessary to make patterns of exploits and detailed technical descriptions accessible to a larger group of researchers.

Leave a Reply

Your email address will not be published.