On Thursday, Google announced a number of initiatives targeted at enhancing the ecosystem for managing vulnerabilities and providing more transparency standards for exploitation. Incomplete vendor fixes are another source of security risks, and many of the zero-day vulnerabilities that are exploited in the field wind up being modified versions of already patched flaws.
The corporation stated in an announcement that “risks remain even after they are known and fixed, which is the real story,” despite the fact that zero-day vulnerabilities are famous and frequently make headlines. These risks include things like delays in OEM adoption, difficulties with patch testing, problems with end-user updates, and more.