Security News > 2022 > February > Google Project Zero: Vendors are now quicker at fixing zero-days

Google Project Zero: Vendors are now quicker at fixing zero-days
2022-02-11 17:40

Google's Project Zero has published a report showing that organizations took less time to address the zero-day vulnerabilities that the team reported last year.

As the data shows, the average period software vendors needed to issue security fixes reported by Project Zero last year was 52 days, down from 80 days three years ago.

In the highly competitive field of mobile OS, Google reports the same performance from both iOS and Android, with the former having an average fix time of 70 days, with the latter needing 72 days.

In the web browser category, Chrome beats everyone with an average bug-fixing period of 29.9 days, while Firefox comes second with 37.8 days.

Apple took more than double that time to fix WebKit flaws, which have been plaguing Safari in the past couple of years, needing an average of 72.7 days.

WebKit is the outlier in this analysis, with the longest number of days to release a patch at 73 days.


News URL

https://www.bleepingcomputer.com/news/security/google-project-zero-vendors-are-now-quicker-at-fixing-zero-days/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 102 256 4320 4678 741 9995