iTSTL Blog

iTSTL has been serving the Missouri area since 2015, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

Are Chrome’s Zero-Day Threats Actually a Good Thing?

Are Chrome’s Zero-Day Threats Actually a Good Thing?

With Google Chrome being one of the most popular web browsers out there, it’s no surprise that threats want to target it and take advantage of its users. However, up until recently, there have not been very many zero-day threats associated with Chrome. Zero-day threats are attacks that have never been seen before, affecting a new and previously unknown vulnerability. We want to remind you that it’s not always a bad thing when vulnerabilities are discovered in a browser or web application—in fact, it can actually be indicative of good monitoring practices.

Google Chrome’s History with Zero-Day Threats

For some context, let’s examine Google Chrome’s history with these zero-day threats, or rather, lack thereof. From the years of 2015 to 2018, there were no zero-day exploits actively used against Google Chrome, but the numbers have since increased over time. 2020 saw 14 zero-day threats, half of which were used against Google Chrome. 2021 saw an even greater number, with Google Project Zero’s tracking system identifying 25 zero-day threats, 14 of which belonged to Google Chrome.

While this might seem like a problem at first glance, the fact that vulnerabilities were not discovered before does not mean that they didn’t exist between 2015-2018. All it means is that most of them are getting caught and fixed now instead of flying under the radar, and this is a good thing.

Why Are There More Zero-Day Threats Now?

Why do experts think that zero-day threats are being discovered more often in Chrome? The reasons, according to Adrian Taylor of Google Chrome’s Security Team, are as follows:

  • Greater transparency between browser developers: Google Project Zero gives developers 90 days to fix the vulnerability before disclosing it, so if not, the public will eventually learn of it.
  • The end of support for Adobe Flash Player: Adobe was a popular mode of attack, but it has since left hackers with their only option being to attack the browser directly.
  • An increase in bugs required to attack the browser: There are more layers to break through, so more bugs are required, leading to more vulnerabilities to discover.
  • Browsers are more complex: With more complexity comes more bugs, and web browsers are no exception to this rule.

You can apply this idea to your business’ security infrastructure, too. After all, if you are not currently suffering from security problems, that doesn’t mean they don’t exist. We recommend that you take a close look at your security infrastructure and ensure that you are doing all you can to keep your business safe.

Plus, you will need to make sure that you are appropriately patching your systems as threats are discovered. No software solution will be immune to threats, so you should be addressing vulnerabilities as they appear; it sure beats doing it after a data breach.

To this end, iTSTL can help. To learn more, reach out to us at (314)828-1234.

A Digital Signage Revamp Can Change Your Business’...
Businesses Should Consider Partnering with a Secur...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, 21 November 2024

Captcha Image

Customer Login


News & Updates

iTSTL is proud to announce the launch of our new website at www.itstl.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what iTSTL can do for your business.

iTSTL
10 Fenton PLZ Suite #1665
Fenton, Missouri 63026