has published statistics on actively exploited zero-day gaps in software. In the first half of 2020, 11 vulnerabilities fell into this category. This means that the current year is roughly at the level of the previous year, in which Google counted a total of 20 zero-day gaps – most of them in Microsoft products.
A total of eleven vulnerabilities in-Applications only became known because they were already actively used by cybercriminals for attacks. There were three zero-day gaps in Google products. and appear twice in the statistics, and Trend Micro once each.
According to Google, 2019 was also the first year in which a zero-day gap inwas reported. However, no actively exploited zero-day gaps have been found in Linux, Safari or macOS since 2014 – Google has only been maintaining the statistics since 2014.
The company also emphasized that current versions of an operating system or software were not always affected. Google also suspects that the statistics are incomplete. It assumes that some software providers are hiding actively exploited zero-day gaps and issuing fixes as regular updates.
Google also admits that the figures do not allow any conclusions to be drawn about the actual safety of products. There is a general focus on Microsoft, as there are more security tools that specialize in the detection of errors in Windows.
Zero-day gaps are less likely to be discovered in mobile platforms because they are largely isolated, Google continues. On the one hand, these security measures serve to protect users, but on the other hand they can also be to their disadvantage because researchers cannot specifically look for weak points. Apple had recently recognized this conflict and introduced a security program that includes special iPhones for security researchers that have been freed from some restrictions.
Google has been recording and investigating zero-day gaps since 2014, but the company created an evaluation for 2019 for the first time. It should now be updated every year.
To new heights with SkySQL, the ultimate MariaDB cloud
In this webinar we will introduce SkySQL to you, explain the architecture and explain how it differs from other systemsRDS on. You will also get an insight into the product roadmap, a live demo, and how to get SkySQL up and running in minutes.