zerodays
-
Blog
70% of exploited flaws disclosed in 2023 were zero-days
Google Mandiant security analysts warn of a worrying new trend of threat actors demonstrating a better capability to discover and exploit zero-day vulnerabilities in software. Specifically, of the 138 vulnerabilities disclosed as actively exploited in 2023, Mandiant says 97 (70.3%) were leveraged as zero-days. This means that threat actors exploited the flaws in attacks before the impacted vendors knew of…
Read More » -
Blog
September’s Patch Tuesday update fixes 4 zero-days – Computerworld
Windows Update and Installer. Windows Hyper-V. Windows Kernel and Graphics (GDI). Microsoft MSHTML and Mark of the Web. Remote Desktop (RDP) and TCP/IP subsystems. The real concern is that three of these vulnerabilities (CVE-2024-38014, CVE-2024-38217, CVE-2024-43491 have been reported as exploited. In addition, another reported vulnerability in the Windows HTML subsystem (CVE-2024-38217) has been reported as publicly disclosed. Given these four zero-days,…
Read More »