A zero-day vulnerability is a software security flaw that is known to the software vendor but doesn’t have a patch in place to fix the flaw. It has the potential to be exploited by cyber criminals.
What makes a vulnerability a zero-day?
The term “zero-day” refers to a newly discovered software vulnerability. Because the developer has just learned of the flaw, it also means an official patch or update to fix the issue hasn’t been released.
So, “zero-day” refers to the fact that the developers have “zero days” to fix the problem that has just been exposed — and perhaps already exploited by hackers.
Once the vulnerability becomes publicly known, the vendor has to work quickly to fix the issue to protect its users.
But the software vendor may fail to release a patch before hackers manage to exploit the security hole. That’s known as a zero-day attack.
A zero-day attack happens once that flaw, or software/hardware vulnerability, is exploited and attackers release malware before a developer has an opportunity to create a patch to fix the vulnerability—hence “zero-day.” Let’s break down the steps of the window of vulnerability:
- A company’s developers create software, but unbeknownst to them it contains a vulnerability.
- The threat actor either spots that vulnerability before the developer does or acts on it before the developer has a chance to fix it.
- The attacker writes and implements exploit code while the vulnerability is still open and available.
- After the exploit is released, either the public recognizes it in the form of identity or information theft, or the developer catches it and creates a patch to staunch the cyber-bleeding.
What damage can zero-day exploits do?
Here’s just a short list of zero-day threats and the havoc they can potentially wreak, curated from various sources covering the last year or two:
- Suspected North Korean state threat actors were observed exploiting a vulnerability in a word processing application.
- A targeted attack unveiled vulnerabilities in Microsoft Office and Windows, hidden within a Microsoft Word document.
- Adobe and Windows zero-day exploits were used by Russia’s APT28 gang in a highly targeted hack.
- Vulnerabilities in Microsoft font drivers were found to allow remote code execution, potentially rendering businesses open to ransomware, data theft, etc.
Things to remember about zero-day vulnerabilities
- Keep your software up to date to help protect yourself against a zero-day vulnerability.
- Check for a solution when a zero-day vulnerability is announced. Most software vendors work quickly to patch a security vulnerability.
- Don’t underestimate the threat. Cybercriminals will seek to exploit security holes and gain access to your devices and your personal information. They can use your information for a range of cybercrimes including identity theft, bank fraud, and ransomware.
- Always use reliable security software to help keep your devices safe and secure.