Project Zero Archives - Cyber Security Minute

Vulnerabilities Found by Google Researchers in 2021 Got Patched on Average in 52 Days

Issued by: Security Week

Between 2019 and 2021, the team reported a total of 376 vulnerabilities and saw most of them (351) get patched. Of the remaining flaws, 14 are marked “WontFix” by the vendor and 11 remain unfixed. Per Google Project Zero’s policy, vendors have 90 days to address the security errors, but they can also request a…

Vulnerabilities

Google Project Zero Announces 2021 Updates to Vulnerability Disclosure Policy

Issued by: Security Week

Project Zero has announced three major changes to its vulnerability disclosure policy in 2021, compared to 2020. Until now, if Project Zero researchers found a security hole in a product, it was disclosed after exactly 90 days, regardless of when a patch was released or whether a patch was available at all. The impacted vendor…

Vulnerabilities

Google Researcher Finds Critical Flaw in Keeper Password Manager

Issued by: Security Week

Google Project Zero researcher Tavis Ormandy recently discovered that the Keeper password manager had been affected by a critical flaw similar to one he identified just over one year ago in the same application. Ormandy found the security hole after noticing that Keeper is now installed by default in Windows 10. He remembered a vulnerability…