Zero-day vulnerabilities are on the rise – but it may not be a bad thing

There’s been a small uptick in zero-day vulnerabilities so far this year. But according to researchers, that may not be bad news. 

Secunia recently shared some statistics on vulnerabilities reported since Jan. 1. So far this year, 15 zero-day vulnerabilities, those that are discovered without patches yet available, have been discovered.

For all of 2014, there were 25 zero-days. So while this isn’t a huge jump, it does put us on pace to eclipse last year’s number.

But according to, Secunia is encouraged by the rise in zero-days. It could mean that more are being discovered, not that there’s an increase in the number out there.

The real threat

While zero-days are most companies nightmare, it’s usually a much more basic threat that catches up to companies: poor patching.

Known vulnerabilities account for many breaches and incidents, and most companies take several months to fix these vulnerabilities once they are uncovered.

The best route to staying safe may be to work diligently to keep up with compromises. Make sure you’re checking regularly for reported vulnerabilities in your systems, and work to decrease the time to patching for them.

It’s easier said than done, and requires testing to make sure the patches don’t interfere with current apps. But it’s more likely that hackers will exploit these known weaknesses than attack ones you haven’t discovered yet.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy