A Year in Review of Zero-Days Exploited In-the-Wild in 2023
The report, authored by Maddie Stone, Jared Semrau, and James Sadowski from Google’s Threat Analysis Group (TAG), provides a comprehensive analysis of zero-day vulnerabilities exploited in the wild during 2023. It combines insights from TAG and Mandiant for the first time, aiming to identify trends, gaps, and lessons learned rather than detailing individual exploits.
In 2023, Google observed a total of 97 zero-day vulnerabilities exploited, marking a significant increase of over 50% compared to 62 in 2022, although still below the record of 106 in 2021. The vulnerabilities are categorized into two main groups: end-user platforms and products (including mobile devices, operating systems, and applications) and enterprise-focused technologies such as security software.
The report highlights the progress made by end-user platform vendors like Apple, Google, and Microsoft in defending against zero-day exploits. Notable investments in security have led to a decline in previously common vulnerabilities. However, the report also notes a concerning rise in exploitation driven by Commercial Surveillance Vendors (CSVs), which conducted half of the attributed zero-day exploitation by government actors in 2023.
The document emphasizes the importance of organizations building defensive strategies that prioritize the most likely threats to their environments. It encourages organizations to engage with vendors regarding their response processes when a zero-day vulnerability is discovered, including disclosure expectations and patching timelines.
Overall, the report underscores the dynamic nature of zero-day exploitation and the need for continuous adaptation in security measures to counter evolving threats.
Views: 0
