Google analysts noticed that software vendors began to fix Zero-day vulnerabilities faster

Google Project Zero specialists presented a report according to which software vendors began to fix 0-day vulnerabilities faster. For example, last year organizations needed less time than in previous years to fix 0-day vulnerabilities discovered by experts. On average, companies took 52 days to fix bugs, while three years ago they needed an average of… Continue reading Google analysts noticed that software vendors began to fix Zero-day vulnerabilities faster

Six 0-day vulnerabilities fixed in Windows, including a commercial exploit issue

As part of June Patch Tuesday, 50 vulnerabilities in Microsoft products were fixed, including six 0-day vulnerabilities in Windows. Vulnerabilities that have been patched were found in Microsoft Office, .NET Core and Visual Studio, Edge browser, Windows Cryptographic Services, SharePoint, Outlook and Excel. Six zero-day vulnerabilities that were already under attack were also addressed, with… Continue reading Six 0-day vulnerabilities fixed in Windows, including a commercial exploit issue

Google says that a quarter of all 0-day vulnerabilities are new variations of old problems

Google analysts studied the 0-day vulnerabilities they discovered in 2020, and concluded that almost a quarter of the problems are new variations of already known bugs that had previously received patches. The authors of the report write that many problems could have been avoided if the developers immediately corrected their products more thoroughly. In 2020,… Continue reading Google says that a quarter of all 0-day vulnerabilities are new variations of old problems

Google: 11 0-day vulnerabilities identified in the first half of 2020

Google Project Zero experts estimate that 11 0-day vulnerabilities, actively exploited by hackers, were identified in the first half of 2020. The current number of 0-day problems indicates that, most likely, that overall this year will be identified the same number of zero-day vulnerabilities, as in 2019 (20). The link above leads to the company’s… Continue reading Google: 11 0-day vulnerabilities identified in the first half of 2020

ZDI experts described five 0-day vulnerabilities in Windows

Researchers from the Trend Micro Zero Day Initiative (ZDI) team published information on five uncorrected 0-day vulnerabilities in Windows, four of which have high risk rate. Three zero-day vulnerabilities, which received identifiers CVE-2020-0916, CVE-2020-0986 and CVE-2020-0915, scored 7 points out of 10 possible on the CVSS vulnerability rating scale. “Essentially, these three problems can allow… Continue reading ZDI experts described five 0-day vulnerabilities in Windows