Google Chrome is a widely used and popular web browser, and because of its popularity, it is a common target for hackers. A recent study showcases how there are more zero-day threats being discovered for Google Chrome, but don’t despair; it might not be a bad thing for your favorite web browser. Instead, it could signify exactly the opposite.
For a little bit of context, let’s take a look at the numbers associated with zero-day threats and Google Chrome. Between the years of 2015 and 2018, there were no zero-day exploits in the wild, but the numbers have gradually increased over the years. 2020 saw 14 zero-day threat exploits in the wild, half of which belonged to Google Chrome. 2021 saw even greater numbers, with Google Project Zero’s tracking system finding 25 zero-day threats exploited in the wild, with 14 of them targeting Google Chrome.
Simply put, the lack of attacks in the past does not signify that there were not any vulnerabilities during the years of 2015-2018. It just means that more of them are getting caught and fixed now, which should be interpreted as a good thing.
So, what are the reasons experts believe more zero-day threats are being discovered for Chrome? Let’s take a look at what the reasons are, as outlined by Adrian Taylor of Google Chrome’s Security Team:
On a similar note, just because you are not currently experiencing any security problems with your business’ IT, doesn’t mean that there are not serious problems wrong with your current security infrastructure. We recommend that you take a deep dive into your security and ensure that you are doing all that you can to protect your business from the countless threats out there, known and unknown.
Furthermore, you should always be patching your systems as threats are discovered. Unfortunately, no software solution is perfect, so you might be addressing problems periodically throughout the software’s life cycle. Be sure to address these vulnerabilities before you are addressing a data breach.
Microtechs can help with this effort. To learn more about how we can perform a comprehensive security audit and patch your system’s vulnerabilities, reach out to us at (415) 246-0101.