Google analysts studied the 0-day vulnerabilities they discovered in 2020, and concluded that almost a quarter of the problems are new variations of already known bugs that had previously received patches. The authors of the report write that many problems could have been avoided if the developers immediately corrected their products more thoroughly. In 2020,… Continue reading Google says that a quarter of all 0-day vulnerabilities are new variations of old problems
Tag: 0-Day
Google Chrome fixed second 0-day vulnerability in two weeks
Google developers have released Chrome version 86.0.4240.183 for Windows, Mac and Linux, which fixed 10 different problems. The update also includes a patch for a 0-day vulnerability in Google Chrome, which hackers are already actively using. The bug was identified as CVE-2020-16009 and was discovered by the Threat Analysis Group (TAG), Google’s internal security team… Continue reading Google Chrome fixed second 0-day vulnerability in two weeks
Google Project Zero discovered a 0-day vulnerability in the Windows kernel
Google Project Zero has discovered a 0-day vulnerability in the Windows kernel (CVE-2020-17087). It has been reported that this bug could be exploited by an attacker with local access to escalate privileges and escape the sandbox. What is worse, it is already being used in targeted attacks. The vulnerability is related to the operation of… Continue reading Google Project Zero discovered a 0-day vulnerability in the Windows kernel
Google engineers fixed Chrome 0-day vulnerability that was already under attacks
Google engineers have released an updated version of Google Chrome (86.0.4240.111) and warn that they have fixed in browser 0-day vulnerability that has been already under active attacks. The error was discovered internally by Google Project Zero. It is identified as CVE-2020-15999 and is associated with the FreeType font rendering library included with standard Chrome… Continue reading Google engineers fixed Chrome 0-day vulnerability that was already under attacks
Google: 11 0-day vulnerabilities identified in the first half of 2020
Google Project Zero experts estimate that 11 0-day vulnerabilities, actively exploited by hackers, were identified in the first half of 2020. The current number of 0-day problems indicates that, most likely, that overall this year will be identified the same number of zero-day vulnerabilities, as in 2019 (20). The link above leads to the company’s… Continue reading Google: 11 0-day vulnerabilities identified in the first half of 2020
ZDI experts described five 0-day vulnerabilities in Windows
Researchers from the Trend Micro Zero Day Initiative (ZDI) team published information on five uncorrected 0-day vulnerabilities in Windows, four of which have high risk rate. Three zero-day vulnerabilities, which received identifiers CVE-2020-0916, CVE-2020-0986 and CVE-2020-0915, scored 7 points out of 10 possible on the CVSS vulnerability rating scale. “Essentially, these three problems can allow… Continue reading ZDI experts described five 0-day vulnerabilities in Windows
Microsoft fixed 0-day vulnerability in Internet Explorer and 99 more bugs in its products
Recent February “update Tuesday” became the largest for Microsoft in a long time: within its framework were fixed almost 100 different bugs, including the 0-day vulnerability in Internet Explorer, which was already under attack, and 11 other critical problems. Recall that back in January 2020, Microsoft reported a zero-day vulnerability in Internet Explorer, which the… Continue reading Microsoft fixed 0-day vulnerability in Internet Explorer and 99 more bugs in its products