Google Chrome gets a patch for actively exploited zero-day vulnerability
- by nlqip
Spyware vendors are responsible for most exploits
In a March report, researchers from Google’s Threat Analysis Group (TAG) and Mandiant, a Google subsidiary, counted 97 zero-day exploits being used in attacks during 2023.
Commercial surveillance vendors that sell spyware to government customers were responsible for over 60% of the 37 exploits impacting browsers and mobile devices, as well as for 13 of the 37 zero-day vulnerabilities that specifically impacted Google products: Chrome and Android.
It’s worth noting that none of the eight zero-day vulnerabilities that impacted Google Chrome in 2023 were caused by use-after-free memory safety bugs. That’s mainly thanks to a new exploit mitigation technology called MiraclePtr that Google built into the browser in 2023. By comparison, half of the exploitable vulnerabilities in Chrome found in 2022 were user-after-free ones.
Source link
lol
Spyware vendors are responsible for most exploits In a March report, researchers from Google’s Threat Analysis Group (TAG) and Mandiant, a Google subsidiary, counted 97 zero-day exploits being used in attacks during 2023. Commercial surveillance vendors that sell spyware to government customers were responsible for over 60% of the 37 exploits impacting browsers and mobile…
Recent Posts
- Arm To Seek Retrial In Qualcomm Case After Mixed Verdict
- Jury Sides With Qualcomm Over Arm In Case Related To Snapdragon X PC Chips
- Equinix Makes Dell AI Factory With Nvidia Available Through Partners
- AMD’s EPYC CPU Boss Seeks To Push Into SMB, Midmarket With Partners
- Fortinet Releases Security Updates for FortiManager | CISA