Project Zero, an in-house team of Google experts and analysts tasked with finding advanced according to a report from the team published Tuesday.threats known as zero-day vulnerabilities and exploits, detected a record-breaking 58 in-the-wild exploits in 2021,
A zero-day vulnerability refers to security flaws that developers have just become aware of, hence, they’ve “zero days” to fix or “patch” it. When gone undetected, such flaws could lead toand . Last year, , including Microsoft Exchange and Microsoft Office, before promptly .
Since forming in 2014, Project Zero’s highest number of detected and disclosed zero-day exploits came in 2015 with a total of 28, less than half those detected in 2021. The contrast was even higher year over year, with only 20 zero-day exploits detected and disclosed in 2020.
The spike may indicate, which have and the , but Project Zero says the likely culprit is improvements in detecting and reporting zero-day occurrences. The report stated that the vast majority of zero-day exploit uses are “similar to previous [and] publicly known vulnerabilities,” with only two events that stood out for its “technological sophistication” or logic. So, in spite of the increase in detected zero-days, your online security doesn’t appear to be in any more danger than previous years, at least when it comes to zero-day vulnerabilities.
That’s not to minimize the risk of zero-day vulnerabilities, however. Online security is still and always will be a concern for individuals and businesses. One way to protect yourself against malware and ransomware is to ensure youris up to date — those patches and updates are released for a reason. Using a and can also help keep your connection safe and secure. In the meantime, Project Zero will continue working towards their goal, which is to simply “make 0-day hard.”
Google didn’t respond to a request for additional comment.
Source from www.cnet.com