Unit 42 Named Top Zero-Day Vulnerability Contributor by Microsoft

This post is also available in: 日本語 (Japanese)

This piece was originally published August 16 on the Palo Alto Networks blog.

Palo Alto Networks is proud that Microsoft has recognized our Unit 42 global threat intelligence team with multiple awards for its contributions to vulnerability research, including first place for discovery of Zero Day vulnerabilities. Microsoft also recognized Unit 42 researchers Gal De Leon and Bar Lahav in its annual list of the Most Valuable Security Researchers.

Unit 42, which also won third place for “Vulnerability Top Contributor,” was the only research group to win in two categories at this year’s Microsoft Active Protections Program (MAPP) Contributing Partners awards.

“It’s an honor to be recognized by the MSRC team for responsibly disclosing these vulnerabilities to Microsoft and providing information needed to develop patches and protect customers,” Gal De Leon said.

Unit 42 reported 27 zero-day vulnerabilities to Microsoft from July 1, 2018, to June 30, 2019.  They include a Zero-Day local privilege escalation vulnerability in the Windows Error Reporting component, which was exploited in the wild. We discussed that vulnerability in a July 2 technical blog, Tale of a Windows Error Reporting Zero-Day (CVE-2019-0863)

Zero-Day vulnerabilities are exploitable flaws in the code of legitimate applications and operating systems that haven’t previously been publicly disclosed.  They can be exploited by threat actors to launch attacks which are much tougher for organizations to protect against, even when they are using up-to-date security tools.

Unit 42 is thrilled that its researchers were acknowledged by the Microsoft Security Response Center (MSRC) “Most Valuable Security Researchers” program for a fourth consecutive year

We salute all 75 researchers who were honored at this year’s awards, which were presented during the Black Hat conference in Las Vegas.

Microsoft looks at the volume of vulnerability reports as well as their impact and accuracy when deciding who to recognize, according to Sylvie Liu, security program manager for MSRC Community Programs.

Palo Alto Networks has identified more than 200 vulnerabilities in the ecosystems of vendors including Adobe, Apple, Google Android and Microsoft.

By proactively identifying these vulnerabilities, developing protections for our customers, and sharing the information with the security community, we are removing weapons that attackers use to threaten organizations. Palo Alto Networks is a key participant in the Microsoft Active Protections Program, which provides early access to vulnerability information so that we can provide proactive protection to customers through Next Generation Firewall Threat Prevention Security Services subscriptions and Traps Advanced Endpoint Protection.

Unit 42 reports on zero-day vulnerabilities and other threats are available on its threat research blog.