No products in the cart!
Please make your choice.View all catalog
Microsoft is warning of an uptick among nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments.
The tech giant, in its 114-page Digital Defense Report, said it has “observed a reduction in the time between the announcement of a vulnerability and the commoditization of that vulnerability,” making it imperative that organizations patch such exploits in a timely manner.
This also corroborates with an April 2022 advisory from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), which found that bad actors are “aggressively” targeting newly disclosed software bugs against broad targets globally.
Microsoft noted that it only takes 14 days on average for an exploit to be available in the wild after public disclosure of a flaw, stating that while zero-day attacks are initially limited in scope, they tend to be swiftly adopted by other threat actors, leading to indiscriminate probing events before the patches are installed.
It further accused Chinese state-sponsored groups of being “particularly proficient” at discovering and developing zero-day exploits.
This has been compounded by the fact that the Cyberspace Administration of China (CAC) enacted a new vulnerability reporting regulation in September 2021 that requires security flaws to be reported to the government prior to them being shared with the product developers.
Redmond further said the law could enable government-backed elements to stockpile and weaponize the reported bugs, resulting in the increased use of zero-days for espionage activities designed to advance China’s economic and military interests.
Some of the vulnerabilities that were first exploited by Chinese actors before being picked up other adversarial groups include –
The findings also come almost a month after CISA released a list of top vulnerabilities weaponized by China-based actors since 2020 to steal intellectual property and develop access into sensitive networks.
“Zero-day vulnerabilities are a particularly effective means for initial exploitation and, once publicly exposed, vulnerabilities can be rapidly reused by other nation state and criminal actors,” the company said.