Dashboard: Zero-Days in Desktop Web Browsers
Tracking exploited zero-day vulnerabilities in desktop web browsers
The most exploited web browser is Chrome
The least exploited web browser is IE
Dashboard timeframe: 2019-01-01 to date (updated Nov 2020)
*4 out of the last 5 zero-day exploits in IE11 are due to critical bugs in legacy (and obsolete) scripting engines, which are no longer used on the modern web but can still be forcibly loaded by a malicious web page. In Windows 10, it is possible to disable those scripting engines using system-wide
settings. Alternatively, Nessie
is an IE-based browser that dynamically blocks accesses to unsafe legacy scripting DLLs.
Follow @hexatoms to get notified of changes.