Known unknowns - zero-days in the wild
Read OriginalThe article examines the controversy over disclosing unpatched vulnerabilities, using Google Project Zero's disclosure of a Microsoft Edge flaw as a case study. It argues that the common demand for 'evidence of use in the wild' is flawed, as sophisticated attackers like nation-states operate stealthily. Citing examples like the Trident iOS exploit and reports from RAND, it contends that many zero-days are actively exploited for years without detection, necessitating a shift in how the security industry assesses risk.
Comments
No comments yet
Be the first to share your thoughts!
Browser Extension
Get instant access to AllDevBlogs from your browser
Top of the Week
No top articles yet