Google discovered a record number of 58 zero-days in 2021
Google security researchers discovered 58 zero-days in 2021. That’s the highest number of bugs exploited in the wild since the Project Zero division began looking for them in 2014. This is largely due to better detection methods, the company says.
The bugs were discovered by experts at Project Zero, Google’s internal bug tracking team. The team searches the internet for vulnerabilities, including vulnerabilities that attackers are actively abusing. Since that department started tracking zero-days specifically in mid-2014, not many have been found, writes Google. The previous dubious record was set in 2015, when 28 were discovered. In 2020, the researchers discovered 25 zero-days.
The researchers don’t think the number of active attacks is increasing very much. It’s hard to say for sure, because the zero-days counted are by definition only the active attacks that have been found. It is impossible to say how many active attacks there are in total when some of them go undetected. Google thinks that detection plays a role in this new record. According to the company, it has become easier to discover zero-days, and companies are also sharing information about vulnerabilities more quickly.
However, according to the security researchers, the security industry can do even more to prevent zero-days. The researchers say that most zero-day vulnerabilities resemble bugs whose details have already been made public. All but two of the zero-days discovered used such methods, the researchers say. This concerns 17 use-after-free bugs, six out-of-bounds bugs, four buffer overflows and four integer overflows. Most vulnerabilities were found in Chrome and Safari’s WebKit, as well as Internet Explorer.
Google recommends that software makers state in their public information, such as security bulletins or blogs, whether a vulnerability is being actively attacked. Companies should also share exploit samples more often and in more detail. Google also makes a concrete recommendation in the field of software. The company says more attention should be paid to memory corruption vulnerabilities. According to the company, those are the most common: that was the case in 39 cases.