Google security researchers discovered 58 zeros in 2021. This is the largest number of bugs exploited in the wild since the Project Zero division began tracking them in 2014. The company says this is largely due to better detection methods.
The bugs were discovered by experts at Project Zero, Google’s in-house bug tracking team. It searches the Internet for vulnerabilities, including vulnerabilities, that attackers actively abuse. Since this department started tracking zero days specifically in the middle of 2014, not many have been found, google writes† The previous questionable record occurred in 2015, when 28 were discovered. In 2020, researchers discovered 25 days zero.
Researchers do not believe that the number of active attacks is increasing much. It’s hard to say for certain, because zero days are by definition the only active attacks that exist. It is therefore impossible to determine how many active attacks there are in total if they are not detected. Google believes the latter plays a role in this new record. It will be easier to discover zero day. Companies will also share information about vulnerabilities more quickly.
However, according to security researchers, the security sector can do more to prevent Zero Day. Most zero-day vulnerabilities, researchers say, are similar to flaws in details that have already been revealed. The researchers say that all but two of the detected zero days used such methods. This relates to 17 post-free use bugs, six out of bounds bugs, and four buffer flood and four integer overflowing† Most vulnerabilities are found in WebKit for Chrome and Safari, as well as in Internet Explorer.
Google recommends that software makers publish the status of active attacks in their public information, such as security bulletins or blogs. Companies should also share more frequent and detailed samples of exploits. Google also makes specific software recommendations. The company says more attention should be paid to memory corruption vulnerabilities. The company says these will be the most popular. This will be the case in 39 cases.
