Security News > 2022 > April > Google Project Zero Detects a Record Number of Zero-Day Exploits in 2021

Google Project Zero called 2021 a "Record year for in-the-wild 0-days," as 58 security vulnerabilities were detected and disclosed during the course of the year.

"The large uptick in in-the-wild 0-days in 2021 is due to increased detection and disclosure of these 0-days, rather than simply increased usage of 0-day exploits," Google Project Zero security researcher Maddie Stone said.

The sandbox escape is "Notable for using only logic bugs," Google Project Zero researchers Ian Beer and Samuel Groß explained last month.

A platform-wise breakdown of these exploits shows that most of the in-the-wild 0-days originated from Chromium, followed by Windows, Android, WebKit/Safari, Microsoft Exchange Server, iOS/macOS, and Internet Explorer.

What's more, Google Project Zero pointed out the lack of public examples highlighting in-the-wild exploitation of zero-day flaws in messaging services like WhatsApp, Signal, and Telegram as well as other components, including CPU cores, Wi-Fi chips, and the cloud.

"0-day will be harder when, overall, attackers are not able to use public methods and techniques for developing their 0-day exploits," forcing them "To start from scratch each time we detect one of their exploits."

News URL

https://thehackernews.com/2022/04/google-project-zero-detects-record.html