Zero-days have dropped by a third in one year, according to Mandiant – but don’t break out the bunting quite yet, as it’s still the second-highest year on record.
Our CEO Mark Lamb offered his thoughts to Help Net Security on this year’s crop of zero-days, and the TL;DR version is patch, patch and patch again.
(And then patch some more, ideally).
Mandiant found that threat actors exploited 55 zero-days in 2022 – no prizes for guessing the most-targeted vendor, which was Microsoft, with 18 actively exploited zero-days.
Mark said that the sudden drop in zero-days is “surprising” – but the continued enthusiasm of attackers is not.
He says, “Businesses should use this data to reinforce the importance of patching, even if they can cause business disruptions.
“As soon as zero-days are disclosed, the clock starts ticking on attackers who are looking for ways to exploit them, so as soon as fixes are released, these must be prioritised and applied to systems.
“When it comes to patches, most large vendors release them on a specific date every month, so these should be applied as close to release as possible.”