Zero-Day Exploits – Your Days are Numbered! [infographic]


April 21, 2017 | Category: Threats | By: Michael Rosen

  • News stories involving zero-day Windows kernel exploits seemingly never end.
  • Fresh examples abound with alarming regularity and devastating effects, often involving defects with a dwell time of many months before they are formally addressed by patch updates.
  • Despite a sustained focus by Microsoft on improving cybersecurity top to bottom, dubious new records were set in both 2015 and 2016 for successful Windows kernel exploits.

This disturbing trend – zero-day exploits – is set to accelerate in 2017 with the recent release of the purported complete set of NSA hacking tools by Shadow Brokers, a massive data dump containing numerous previously unknown Windows kernel vulnerabilities and associated exploit toolkits. As these powerful hacking tools make their way into ever more hands, the potential for these types of attacks increases exponentially, as they no longer require nation-state sponsorship or expertise to effectuate sophisticated security breaches.

In addition, even well-known and longstanding kernel vulnerabilities continue to be exploited, as the backlog of fixes commonly lags exploit discovery by a substantial time period. Furthermore, enterprise Windows systems in production environments remain frequently unpatched by their owners or administrators.

Traditional Approaches Aren’t Doing the Job

Traditional layered defenses—even those augmented by next-generation detection tools involving artificial intelligence and machine learning—have a miserable track record against newly discovered kernel threats, proving time and again that this outdated “detect to protect” approach is quickly reaching the end of its usefulness.

Common security tools in the standard “detection stack” suffer from a variety of systemic weaknesses because they:

  • Are primarily reactive against threats
  • Rely on existing signatures, heuristics, and behaviors
  • Cannot adapt to keep pace with a rapidly evolving threatscape
  • Do not protect users against themselves

Further compounding the problem, users continue to click recklessly on malicious links and attachments, share flash drives, and engage in other risky online behavior—including even trained security-minded individuals who think they are being careful all the time.

We Stop Zero-Day Threats

Bromium Secure Platform employs hardware-enforced virtualization and task isolation that operates beneath the kernel level, meaning that malicious exploits:

  • Can’t reach the kernel
  • Can’t touch the operating system
  • Can’t access user files
  • Can’t connect to network resources
  • Can’t exfiltrate local or enterprise data

This all-new approach known as micro-virtualization completely neutralizes kernel vulnerabilities—both known and unknown—and eliminates the risk of users clicking indiscriminately in ways that traditional layered defenses simply cannot match.

Bromium changes the security game, putting malware authors on notice that their old kernel exploit tricks won’t work anymore. Zero-days, the jig is up and your days are numbered!

So go ahead, click with confidence … we’ve got you covered!

[Infographic: Bromium zero-day exploits]

About the Author

Michael Rosen

Sr. Product Marketing Manager at Bromium
