Zero-day attacks exploit security flaws or bugs in software or firmware that are unknown to the vendor, so no official fix exists at the time the attack begins. The "zero day" refers to the fact that the developer has only just learnt of the vulnerability and has had zero days to fix it.
The recent zero-day attacks have left technology giants like Apple, Google and Microsoft rushing to patch vulnerabilities in their systems. From advising users to update their software to issuing public warnings, the companies have been scrambling for measures that limit the impact of such attacks.
Since the beginning of 2021, many zero-day vulnerabilities have surfaced in products from Apple, Google and Microsoft.
Google
The tech giant warned its two billion Chrome users to update urgently after an anonymous researcher reported the vulnerability CVE-2021-30563 on July 12.
Google rated the zero-day in its widely used Chrome browser as high severity and said it was aware of an exploit for it in the wild. It described the vulnerability only as a "Type Confusion in V8", V8 being the open-source JavaScript engine inside Chrome.
As is its usual practice, Google withheld further details of the flaw until most users had updated their browsers. The bug affects the Windows, macOS and Linux versions of Chrome. In addition to the zero-day, the same update fixed seven other security vulnerabilities.
Google was also the victim of a major zero-day attack in 2010, along with some 30 other companies. The attack, called Operation Aurora, was a series of cyberattacks originating in China that targeted U.S. private-sector companies. The threat actors ran a phishing campaign that exploited a zero-day flaw in Internet Explorer to compromise the networks of Google, Yahoo, Adobe, Dow Chemical, Morgan Stanley and more than two dozen other enterprises, stealing business secrets from them.
Microsoft
In early July Microsoft faced a zero-day horror dubbed PrintNightmare. Microsoft rushed out an emergency update for a vulnerability in the Windows Print Spooler service that was being actively exploited. The flaw affected every supported Windows version, reaching back to Windows 7 and Windows Server 2008.
The remote code execution bug, indexed as CVE-2021-34527, carries a CVSS 3.1 base score of 8.8 out of ten (temporal score 8.2). The flaw was serious enough that Microsoft issued an out-of-band patch instead of waiting for its regular monthly Patch Tuesday release.
PrintNightmare was considered extremely dangerous for two main reasons. Firstly, the Print Spooler service is enabled by default on every Windows system, including domain controllers, and it runs as SYSTEM, so a successful exploit hands the attacker SYSTEM-level code execution on those hosts.
Secondly, a mix-up between research teams led to a proof-of-concept exploit for PrintNightmare being published online in the belief that the problem had already been fixed. The confusion arose from a similar Print Spooler vulnerability, CVE-2021-1675, which Microsoft had patched in June; the new bug was initially mistaken for that one.
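Because the exposure comes down to a default-on service and a handful of Point and Print policy values, the practical question for an administrator is how to check a host. The script below is an added example written for this article, not code from Microsoft or from the original page. It assumes the registry path and value names Microsoft documented for the July 2021 Point and Print hardening (RestrictDriverInstallationToAdministrators, NoWarningNoElevationOnInstall, UpdatePromptSettings); the function name and the output shape are our own choices.

```powershell
# Added example (not from the article): audit a Windows host for PrintNightmare
# (CVE-2021-34527) exposure and optionally apply the spooler mitigation on
# domain controllers. Run in an elevated PowerShell session.
# Registry path and value names follow Microsoft's July 2021 Point and Print
# guidance; the function name is an assumption of this example.

function Test-PrintNightmareExposure {
    [CmdletBinding()]
    param(
        # Stop and disable the Print Spooler when the host is a domain controller.
        [switch]$RemediateDomainController
    )

    $findings = [System.Collections.Generic.List[string]]::new()

    # Win32_ComputerSystem.DomainRole: 4 = backup DC, 5 = primary DC.
    $role = (Get-CimInstance -ClassName Win32_ComputerSystem).DomainRole
    $isDc = @(4, 5) -contains $role

    # The spooler is on by default and runs as SYSTEM, which is why the bug bites.
    $spooler = Get-Service -Name Spooler -ErrorAction SilentlyContinue
    $spoolerRunning = ($null -ne $spooler) -and ($spooler.Status -eq 'Running')
    if ($spoolerRunning) {
        $findings.Add('Print Spooler is running (default on; runs as SYSTEM).')
        if ($isDc) {
            $findings.Add('Host is a domain controller: the spooler should not run here.')
        }
    }

    # Point and Print policy. The July 2021 patch only helps if driver
    # installation is restricted to administrators and the warning/elevation
    # prompts have not been switched off via policy.
    $pnp = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint'
    $props = Get-ItemProperty -Path $pnp -ErrorAction SilentlyContinue

    $restrict = if ($null -ne $props) { $props.RestrictDriverInstallationToAdministrators } else { $null }
    if ($restrict -ne 1) {
        # The default for an absent value changed between the July and August
        # 2021 updates, so an explicit 1 is the only state worth trusting.
        $findings.Add('RestrictDriverInstallationToAdministrators is not explicitly 1.')
    }
    foreach ($name in 'NoWarningNoElevationOnInstall', 'UpdatePromptSettings') {
        if ($null -ne $props -and $props.$name -eq 1) {
            $findings.Add("$name = 1: Point and Print prompts disabled; host stays exploitable even when patched.")
        }
    }

    if ($RemediateDomainController -and $isDc -and $spoolerRunning) {
        Stop-Service -Name Spooler -Force
        Set-Service -Name Spooler -StartupType Disabled
        $findings.Add('Remediation applied: Print Spooler stopped and disabled.')
    }

    [pscustomobject]@{
        ComputerName       = $env:COMPUTERNAME
        IsDomainController = $isDc
        SpoolerRunning     = $spoolerRunning
        Exposed            = ($findings.Count -gt 0)
        Findings           = $findings.ToArray()
    }
}

# Audit only:
Test-PrintNightmareExposure | Format-List
# Audit and disable the spooler if this host is a domain controller:
# Test-PrintNightmareExposure -RemediateDomainController
```

Disabling the spooler is the blunt mitigation Microsoft itself listed for hosts that do not need to print; on file or print servers the alternative is to block inbound remote printing via the "Allow Print Spooler to accept client connections" policy and keep driver installation restricted to administrators, which the registry checks above confirm.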
Apple
Apple is known for its security features, yet even the best-defended systems crumble under evolving cyber-attacks. With a zero-day vulnerability being exploited in the wild, Apple rushed out a patch for CVE-2021-30807 in its latest update. According to Apple, CVE-2021-30807 could allow an application to execute arbitrary code with kernel privileges on unpatched devices. Kernel privileges effectively give an attacker complete control of the device, whether iPhone, iPad, macOS notebook or desktop.
To remediate this, Apple released iOS 14.7.1 and iPadOS 14.7.1 (and macOS Big Sur 11.5.1 for Macs) to fix the critical zero-day in IOMobileFramebuffer. This kernel extension manages the device's framebuffer, the region of memory that holds what is drawn on the screen; Apple described the bug as a memory corruption issue addressed with improved memory handling.