Publicly Available Exploit Code Gives Attackers 47-Day Head Start

When exploit code is released into the wild, it gives attackers a 47-day head start on their targets, new research has warned.

Kenna Security teamed up with the Cyentia Institute to analyze 473 vulnerabilities from 2019 where there was some evidence of exploitation in the wild.

Over the succeeding 15 months, the team noted when a vulnerability was discovered, when a CVE was reserved, when a CVE was published, when a patch was released, when the bug was first detected by vulnerability scanners and when it was exploited in the wild.

It claimed that exploit code is released into the wild in around one in four (24%) cases and the majority (70%) of exploited CVEs are likely to have been predated by publicly available exploit code.

There is therefore strong evidence that “early disclosure of exploit code gives attackers a leg up,” argued Kenna Security CTO, Ed Bellis.

However, things are a little more complicated than that, he added.

“At the same time, when exploits are released before patches, it takes security teams more time to address the problem, even after the patch is released,” Bellis explained. “That’s an indication that exploit code availability is not the motivator that some would suggest it is.”

Early disclosure may also actually help the white hat community by providing the code from which IDS and IPS systems can derive signatures. It could also push software developers to produce patches more quickly, and organizations to patch once one becomes available.

The good news is that responsible disclosure processes appear to be working quite well. Around 60% of v ..