Google: Eleven zero-days detected in the wild in the first half of 2020

According to data collected by Google’s Project Zero security team, there have been 11 zero-day vulnerabilities exploited in the wild in the first half of the year.

The current number puts 2020 on track to have just as many zero-days as 2019, when Google security researchers said they tracked 20 zero-days all of last year.

Details about these zero-days have been obtained from a spreadsheet managed by Google security researchers, which the company made publicly available earlier this year. The spreadsheet contains Google’s internal statistics about in-the-wild zero-day usage going as far back as 2014, when the company began tracking said stats.

Below we will list this year’s current zero-day vulnerabilities.

Below that, we will also summarize the most important conclusions of Google’s first Zero-Day Year in Review report, which the company published last week, detailing 2019 zero-days and their causes.


2020 H1 ZERO-DAYS

1. Firefox (CVE-2019-17026)

This zero-day was used as part of a combo with another zero-day. See below.

Patched here, in Firefox 72.0.1.

2. Internet Explorer (CVE-2020-0674)

Both the Firefox zero-day listed above and this one have been used by a nation-state hacking group known as DarkHotel, believed to be operating out of the Korean peninsula (unclear if from North Korea or South Korea). Both zero-days have been used to spy on targets located in China and Japan, which is why they were discovered by Qihoo 360 (Chinese antivirus maker) and JPCERT (Japan’s Computer Emergency Response Team).

Victims of this campaign were redirected to a website where they’d be served either the Firefox or IE zero-day, and then they were infected with the Gh0st remote access trojan.

Patched here, in the Microsoft February 2020 Patch Tuesday.

3. Chrome (CVE-2020-6418)

This zero-day was detected exploited in the wild by Google’s Threat Analysis Group, and details about the attacks where it was used were never released.

Patched here, in Chrome version 80.0.3987.122.

4. & 5. Trend Micro OfficeScan (CVE-2020-8467 and CVE-2020-8468)

Both zero-days were discovered internally by Trend Micro staff. It is believed the zero-days were discovered while Trend Micro investigated a 2019 zero-day in the same product that was used to hack Mitsubishi Electric.

Patched here.

6. & 7. Firefox (CVE-2020-6819 and CVE-2020-6820)

Details about the attacks where these two Firefox zero-days have been used have not yet been released, although security researchers suggested these might be part of a larger exploit chain.

Patched here, in Firefox 74.0.1.

8. & 9. & 10. (CVE-2020-0938, CVE-2020-1020, and CVE-2020-1027)

All three bugs have been discovered and reported to Microsoft by Google TAG, and just like most Google TAG discoveries, no details about the attacks have been released — yet.

Patched here, here, and here, in the Microsoft April 2020 Patch Tuesday.
