all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

An Autopsy on a Zombie In-the-Wild 0-day

Add to bookmarks
g
June 14, 2022, 4 p.m. | noreply@blogger.com (Google Project Zero)

Project Zero googleprojectzero.blogspot.com

Posted by Maddie Stone, Google Project Zero

Whenever there’s a new in-the-wild 0-day disclosed, I’m very interested in understanding the root cause of the bug. This allows us to then understand if it was fully fixed, look for variants, and brainstorm new mitigations. This blog is the story of a “zombie” Safari 0-day and how it came back from the dead to be disclosed as exploited in-the-wild in 2022. CVE-2022-22620 was initially fixed in 2013, reintroduced in 2016, and then …

zombie

Visit resource

More from googleprojectzero.blogspot.com / Project Zero

Pr
The Windows Registry Adventure #2: A brief history of the feature 2 weeks, 2 days ago | googleprojectzero.blogspot.com
database feature google google project zero +13
Pr
The Windows Registry Adventure #1: Introduction and research results 2 weeks, 2 days ago | googleprojectzero.blogspot.com
bugs december december 2023 escalation +22
Pr
First handset with MTE on the market 6 months ago | googleprojectzero.blogspot.com
arm back brand device +12
Pr
An analysis of an in-the-wild iOS Safari WebContent to GPU Process exploit 6 months, 3 weeks ago | googleprojectzero.blogspot.com
amnesty amnesty international analysis apple +29
Pr
Analyzing a Modern In-the-wild Android Exploit 7 months, 2 weeks ago | googleprojectzero.blogspot.com
actor analysis android android devices +19
Pr
Summary: MTE As Implemented 9 months ago | googleprojectzero.blogspot.com
access arm blog blog post +13
Pr
MTE As Implemented, Part 1: Implementation Testing 9 months ago | googleprojectzero.blogspot.com
access architecture arm brand +12
Pr
MTE As Implemented, Part 3: The Kernel 9 months ago | googleprojectzero.blogspot.com
access architecture arm brand +11
Pr
MTE As Implemented, Part 2: Mitigation Case Studies 9 months ago | googleprojectzero.blogspot.com
access architecture arm brand +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Technical Senior Manager, SecOps | Remote US

@ Coalfire | United States
View on infosec-jobs.com

Global Cybersecurity Governance Analyst

@ UL Solutions | United States
View on infosec-jobs.com

Security Engineer II, AWS Offensive Security

@ Amazon.com | US, WA, Virtual Location - Washington
View on infosec-jobs.com

Senior Cyber Threat Intelligence Analyst

@ Sainsbury's | Coventry, West Midlands, United Kingdom
View on infosec-jobs.com

Embedded Global Intelligence and Threat Monitoring Analyst

@ Sibylline Ltd | Austin, Texas, United States
View on infosec-jobs.com

Senior Security Engineer

@ Curai Health | Remote
View on infosec-jobs.com
View more jobs