Google’s Project Zero discovered more than double the exploits in 2021

Project Zero, Google’s internal team of experts tasked with discovering zero-day exploits, reports that it more than doubled in 2021.

According to the team’s annual report, a record 58 zero-day exploits were found in 2021. This is more than double the 25 records detected in 2020 and the 28 previous records detected in 2015.

(Credit: Google)

Such a big rise may trigger an alarm, but Google puts a positive spin on the news.

“We believe that the significant increase in zero-day attacks in 2021 is not simply due to increased use of zero-day exploits, but to increased detection and disclosure of these zero-day attacks.” I have written Maddy Stone, Google’s Project Zero Security Researcher.

Google also said that of the 58 zero-day exploits discovered in 2021, “only two were outstanding as novel. One was the technical sophistication of the exploit and the other was from the sandbox. It’s the use of logic bugs to escape. “

The remaining 56 zero-day exploits were similar to previous commonly known vulnerabilities.

But that’s not the reason for complacency. Over the last two years, there have been numerous large-scale attacks using zero-day vulnerabilities.

“2021 emphasized how important it is to pursue relentlessly to make it difficult for attackers to exploit users in 0 days,” Stone adds.

“heard that’s all When that’s all When that’s all How the government targeted journalists, ethnic minorities, politicians, human rights advocates, and even security researchers around the world. “

Last year, Microsoft warned of zero-day vulnerabilities in Windows 10, Exchange, Office, and finally issued a patch for over 100 potential risks. Apple’s platform is not immune. In the past few months alone, we’ve had to rush multiple updates to patch different zero-day exploits.

Zero-day exploits may never be zero, but faster detection and patching is the next best option.

“We want attackers to be more costly, resource-intensive, and overall difficult to use zero-day features,” Stone summarizes.

(Photo courtesy of Jung Woo Hong upon Release the splash).

Related: Software Security v12 State: Don’t be complacent, but we’ve come a long way

Want to know more about cybersecurity and the cloud from industry leaders? check out Cyber ​​Security & Cloud Expo It will be held in Amsterdam, California and London.

See other upcoming enterprise technology events and webins with TechForge Here..

tag: 0 days, Cyber ​​security, Cyber ​​security, Exploit, Google, hacking, infosec, Project zero, safety, Vulnerability, Zero day Google’s Project Zero discovered more than double the exploits in 2021

Back to top button