Can Zero-Day Threats Actually Make Chrome More Secure?

Posted: March 25, 2022

Google Chrome is a widely used and popular web browser, and because of its popularity, it is a common target for hackers. A recent study showcases how there are more zero-day threats being discovered for Google Chrome, but don’t despair; it might not be a bad thing for your favorite web browser. Instead, it could signify exactly the opposite.

Google Chrome’s History with Zero-Day Threats

For a little bit of context, let’s take a look at the numbers associated with zero-day threats and Google Chrome. Between the years of 2015 and 2018, there were no zero-day exploits in the wild, but the numbers have gradually increased over the years. 2020 saw 14 zero-day threat exploits in the wild, half of which belonged to Google Chrome. 2021 saw even greater numbers, with Google Project Zero’s tracking system finding 25 zero-day threats exploited in the wild, with 14 of them targeting Google Chrome.

Simply put, the lack of attacks in the past does not signify that there were not any vulnerabilities during the years of 2015-2018. It just means that more of them are getting caught and fixed now, which should be interpreted as a good thing.

Why Are There More Zero-Day Threats Now?

So, what are the reasons experts believe more zero-day threats are being discovered for Chrome? Let’s take a look at what the reasons are, as outlined by Adrian Taylor of Google Chrome’s Security Team:

  • Greater transparency between browser developers: Google Project Zero gives developers 90 days to fix the vulnerability before disclosing it, so if not, the public will eventually learn of it.
  • The end of support for Adobe Flash Player: Adobe was a popular mode of attack, but it has since left hackers with their only option being to attack the browser directly.
  • An increase in bugs required to attack the browser: There are more layers to break through, so more bugs are required, leading to more vulnerabilities to discover.
  • Browsers are more complex: With more complexity comes more bugs, and web browsers are no exception to this rule.

On a similar note, just because you are not currently experiencing any security problems with your business’ IT, doesn’t mean that there are not serious problems wrong with your current security infrastructure. We recommend that you take a deep dive into your security and ensure that you are doing all that you can to protect your business from the countless threats out there, known and unknown.

Furthermore, you should always be patching your systems as threats are discovered. Unfortunately, no software solution is perfect, so you might be addressing problems periodically throughout the software’s life cycle. Be sure to address these vulnerabilities before you are addressing a data breach.

Digital Sky Solutions can help with this effort. To learn more about how we can perform a comprehensive security audit and patch your system’s vulnerabilities, reach out to us at (250) 483-5623.

Other Articles

What Data is Stolen During a Ransomware Attack?
Ransomware attacks continue to evolve, reaping havoc on small and medium-sized businesses. Every day we learn about new ransomware incidents....
How to Build Cybersecurity into your Business
Have you ever lined up a row of dominoes, only to bump one over and have them knock one another...
Have You Been Breached?
Did you know that you could be the victim of a data breach without even knowing it? It’s possible, really....
Data Backup versus Disaster Recovery
Many business professionals use the terms data backup and disaster recovery as if they are interchangeable, but this is simply...