Microsoft Warns of a Rise in Hackers Exploiting 0 Day Vulnerabilities Known to the Public

Microsoft warns of an increase in the number of nation-state and criminal actors exploiting publicly disclosed zero-day vulnerabilities to compromise target environments.

In its 114-page Digital Defense Report, the tech giant stated that it has “observed a reduction in the time between the announcement of a vulnerability and the commoditization of that vulnerability,” making it crucial for organizations to patch such vulnerabilities promptly.

This is also consistent with a warning issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) in April 2022, which found that malicious actors are “aggressively” targeting newly disclosed software vulnerabilities against broad global targets.

Microsoft stated that it takes an average of 14 days for an exploit to be available in the wild after the public disclosure of a flaw and that while zero-day attacks are initially limited in scope, they are quickly adopted by other threat actors, resulting in indiscriminate probing events before patches are installed.

It also claimed that Chinese state-sponsored groups are “particularly proficient” at discovering and developing zero-day vulnerabilities.

In September 2021, the Cyberspace Administration of China (CAC) enacted a new vulnerability reporting regulation mandating that security flaws be reported to the government before they are shared with product developers.

Redmond added that the law could enable government-backed elements to stockpile and weaponize reported vulnerabilities, leading to an increase in the use of zero-day exploits for espionage activities aimed at advancing China’s economic and military interests.

Among the vulnerabilities initially exploited by Chinese actors before being adopted by other adversarial groups are:

  • CVE-2021-35211 (CVSS score: 10.0) – A remote code execution flaw in SolarWinds Serv-U Managed File Transfer Server and Serv-U Secure FTP software that was exploited by DEV-0322.
  • CVE-2021-40539 (CVSS score: 9.8) – An authentication bypass flaw in Zoho ManageEngine ADSelfService Plus that was exploited by DEV-0322 (TiltedTemple).
  • CVE-2021-44077 (CVSS score: 9.8) – An unauthenticated remote code execution flaw in Zoho ManageEngine ServiceDesk Plus that was exploited by DEV-0322 (TiltedTemple).
  • CVE-2021-42321 (CVSS score: 8.8) – A remote code execution flaw in Microsoft Exchange Server that was exploited three days after it was revealed during the Tianfu Cup hacking contest on October 16-17, 2021.
  • CVE-2022-26134 (CVSS score: 9.8) – An Object-Graph Navigation Language (OGNL) injection flaw in Atlassian Confluence that’s likely to have been leveraged by a China-affiliated actor against an unnamed U.S. entity days before the flaw’s disclosure on June 2.

The findings also come nearly a month after CISA published a list of the top vulnerabilities China-based actors have exploited to steal intellectual property and gain access to sensitive networks since 2020.

“Zero-day vulnerabilities are particularly effective for initial exploitation, and once made public, they can be rapidly exploited by other nation-state and criminal actors,” the company said.


The article above was written by the BestTopReviewsOnline team, which includes many of the US’s most knowledgeable technical experts. Our team includes well-known writers with extensive experience in mobile phones, computing, technology, photography, and other fields.
