"Zero-Day Vulnerabilities Surged by Over 50% Annually, Says Google"

According to Google, the volume of zero-day vulnerabilities it detected increased by over 50% from 2022 to 2023, with bugs in third-party components on the rise.  Google discovered a total of 97 zero days in 2023, just shy of the record 106 detected in 2021.  Google claimed end-user platform vendors like Apple, Google, and Microsoft have made “notable investments” to reduce the number of exploitable zero days threat actors can find, making certain types “virtually non-existent” today.  However, the same is not true of enterprise-focused technologies, where Google observed a 64% year-on-year increase in zero days and a general rise in the number of vendors targeted since at least 2019.  Google claims to have spotted a particular focus on security software and appliances over the past year.  Google noted that on the enterprise side, it saw a wider variety of vendors and products targeted and an increase in enterprise-specific technologies being exploited. 

 

Infosecurity Magazine reports: "Zero-Day Vulnerabilities Surged by Over 50% Annually, Says Google"

Submitted by Adam Ekwall on