Google Reports 41 Zero-Day Vulnerabilities Exploited in 2022

Hey there! Let’s chat about some cybersecurity updates that happened last year. If you recall, 2022 had a whopping 41 zero-day vulnerabilities exploited. That’s the second-highest count since 2014 – crazy, right? Thankfully, that number isn’t as high as the 69 reported in 2021, but we still have cause to worry.

Remember zero-days are vulnerabilities that hackers find and exploit before the security folks do. Sounds scary, but it gets worse – in 2022 more than 20% of these flaws were, in fact, variants of previous zero-days. That’s a rise from the previous rate of 25% in 2020.

There’s the bad news, right? The good part though, is we’re getting better with detection and transparency around these vulnerabilities. But, let’s face it, the fact that these variants can still be exploited isn’t cause for celebration. We gotta do better!

One of the challenges seems to be in the patching process. Instead of dealing with vulnerabilities entirely, some fixes simply block the path that was revealed in the proof-of-concept or exploit sample. Basically, we’re dealing with the symptoms instead of curing the disease, and that’s just never good enough. There was an incident in December 2022 when a ransomware exploited a Microsoft vulnerability that had supposedly been mitigated. But, the folks managed to bypass the fix, showing clearly that we must invest more effort on comprehensive solutions.

Here’s a bit of more bad news for Android users. Google researchers discovered that known vulnerabilities essentially served as zero-days due to a lack of timely patches. In simpler terms, cyber crooks didn’t need to find new vulnerabilities to exploit, because there were already openings not yet patched. So, if you’re an Android user, keep those patches updated!

Meanwhile, browser security was a bit of a shining star in all of this! There’s been a downward trend in zero-day vulnerabilities thanks to new browser mitigations. Although, let’s not heave a sigh of relief just yet. Many attackers have moved toward zero-click exploits, which don’t even target the browser.

Last year, there was a rise in the practice of vulnerability sharing – separate attackers using the same vulnerabilities and in some cases, researchers uncovered bugs that were later discovered to be used by cyber attackers. However, there’s a silver lining; when one of these inherited bugs is found and fixed, it often inadvertently disrupts another attacker’s scheme.

As a wrap-up, we don’t necessarily see a steady rise or fall in our security landscape based on these figures. It does however help us understand what works and what doesn’t, and points out where we need to focus more. Fixing vulnerabilities promptly and thoroughly, sharing technical information as much as possible, and learning from reported bugs should be high priorities.

Notably, another company, Mandiant, reported similarly jarring numbers of exploited zero-day vulnerabilities. Mandiant is now part of Google Cloud, although their acquisition only got completed last September.

Remember, cybersecurity is a challenge we all share. Let’s keep our systems updated and move towards a safer digital world!

by Morgan Phisher | HEAL Security