

April 21, 2017 Category: Threats By: Michael Rosen Comments: 0

Zero-Day Exploits – Your Days are Numbered! [infographic]

  • News stories involving zero-day Windows kernel exploits seemingly never end.
  • Fresh examples appear with alarming regularity and devastating effects, often involving defects that are exploited in the wild for months before a patch formally addresses them.
  • Despite a sustained focus by Microsoft on improving security top to bottom, the count of successful Windows kernel exploits reached new highs in both 2015 and 2016.

This disturbing trend is set to accelerate in 2017 with the recent release by Shadow Brokers of what is purported to be a complete set of NSA hacking tools: a large data dump containing Windows kernel exploits and their associated tooling. One caveat matters for defenders: Microsoft stated that the Windows exploits in that release targeted vulnerabilities it had already patched, most of them in the March 2017 MS17-010 update, so the immediate danger is to systems that have not applied those fixes. As these tools make their way into ever more hands, the likelihood of such attacks rises sharply, because sophisticated breaches no longer require nation-state sponsorship or expertise to carry out.


In addition, even well-known and longstanding kernel vulnerabilities continue to be exploited, because fixes commonly lag exploit discovery by months. Furthermore, enterprise Windows systems in production frequently remain unpatched by their owners or administrators long after a fix is available.

Traditional Approaches Aren’t Doing the Job

Traditional layered defenses, even those augmented by next-generation detection tools built on artificial intelligence and machine learning, have a poor track record against newly discovered kernel threats: a detector cannot match what it has never seen. This "detect to protect" approach is reaching the end of its usefulness.

Common security tools in the standard “detection stack” suffer from a variety of systemic weaknesses because they:

  • Are primarily reactive against threats
  • Rely on existing signatures, heuristics, and behaviors
  • Cannot adapt to keep pace with a rapidly evolving threatscape
  • Do not protect users against themselves

Further compounding the problem, users continue to click on malicious links and attachments, share flash drives, and engage in other risky online behavior. This includes trained, security-minded individuals who believe they are being careful all the time.

We Stop Zero-Day Threats

Bromium Secure Platform uses hardware-enforced virtualization to isolate each untrusted task (a browser tab, a document, an email attachment) in its own micro-VM that is discarded when the task ends. The isolation boundary is enforced by the hypervisor, beneath the guest kernel, so an exploit that succeeds against the kernel inside a micro-VM is still confined to that throwaway VM. It:

  • Can't reach the host kernel
  • Can't touch the host operating system
  • Can't access the user's files beyond what that task was opened with
  • Can't connect to enterprise network resources
  • Can't exfiltrate local or enterprise data

The boundary rests on the CPU's virtualization extensions and on the micro-hypervisor itself, whose attack surface is far smaller than that of the Windows kernel. This approach, known as micro-virtualization, contains kernel exploits, both known and unknown, rather than trying to recognize them, and it removes the consequences of a user clicking indiscriminately in a way that traditional layered defenses cannot match.
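Hypervisor-based task isolation depends on the endpoint exposing its virtualization extensions to the isolation product. The following PowerShell check is an added example, not Bromium's code; it assumes the product needs VT-x (or AMD-V) with second-level address translation (EPT/RVI), and the exact requirements should be confirmed in the vendor's documentation. The WMI classes and properties used are standard Windows ones.

```powershell
# Added example (not Bromium's code): report whether a Windows endpoint exposes the
# hardware virtualization features that hypervisor-based task isolation depends on.
# Assumption (label, not a vendor fact): the product needs VT-x/AMD-V with EPT/RVI.
function Test-HardwareIsolationPrereqs {
    $cpu = Get-CimInstance -ClassName Win32_Processor | Select-Object -First 1
    $cs  = Get-CimInstance -ClassName Win32_ComputerSystem

    $report = [pscustomobject]@{
        Processor            = $cpu.Name
        # Firmware has VT-x / AMD-V switched on
        VirtualizationInBIOS = [bool]$cpu.VirtualizationFirmwareEnabled
        # CPU implements VMX / SVM at all
        VMMonitorExtensions  = [bool]$cpu.VMMonitorModeExtensions
        # EPT / RVI, needed for an efficient hardware-enforced guest boundary
        SecondLevelPaging    = [bool]$cpu.SecondLevelAddressTranslationExtensions
        # True when another hypervisor (e.g. Hyper-V) already owns the hardware
        HypervisorPresent    = [bool]$cs.HypervisorPresent
        Verdict              = ''
    }

    if ($report.HypervisorPresent) {
        # When Hyper-V (or another hypervisor) is running, the Win32_Processor
        # virtualization properties report False even on capable hardware, so the
        # real question becomes whether the isolation product can coexist with it.
        $report.Verdict = 'Hypervisor already running: check vendor coexistence guidance'
    }
    elseif ($report.VirtualizationInBIOS -and $report.VMMonitorExtensions -and $report.SecondLevelPaging) {
        $report.Verdict = 'Hardware prerequisites present'
    }
    elseif ($report.VMMonitorExtensions -and -not $report.VirtualizationInBIOS) {
        $report.Verdict = 'CPU is capable but virtualization is disabled in firmware'
    }
    else {
        $report.Verdict = 'CPU lacks required virtualization extensions'
    }

    return $report
}

# Usage: run in an elevated PowerShell session on the endpoint to be evaluated.
Test-HardwareIsolationPrereqs | Format-List
```

The third branch is the one most often hit in practice: the CPU supports VMX but the feature is switched off in firmware, which no software installer can fix. Run the check before rollout so that endpoints needing a firmware change are identified up front.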

Bromium changes the security game, putting malware authors on notice that their old kernel exploit tricks won't work anymore. Zero-days, the jig is up and your days are numbered!

So go ahead, click with confidence … we’ve got you covered!


About the Author

Michael Rosen

Sr. Product Manager, Threat Intelligence and Technical Marketing
