What is Zero-Day vulnerability?
March 01, 2021 | Cyber Security, Cyberattack, Covid-19
“Zero-day” vulnerability refers to a freshly discovered software exposure. It is a cyber-attack that occurs on the same day a weakness is found in software. Because the developer has just learned of the flaw, it also means an official patch or updates to fix the issue hasn’t been released.
So, “zero-day” refers to the fact that the developers have “zero days” to fix the problem that has been just exposed — and perhaps already exploited by hackers.
Once the vulnerability becomes publicly known, the vendor must work quickly to fix the issue to protect its users.
But due to time constraints, the software vendor may fail to release a patch before hackers manage to exploit the security hole. That’s known as a zero-day attack.
Understand Zero-Day Vulnerability With An Example
For illustration, let’s take a look at the recent Microsoft Exchange zero-day vulnerabilities and understand how it works.
- The Microsoft developers created Exchange server software for mailing and calendaring services which is commonly known as Microsoft Outlook.
- When software is created, the developers try their best to protect it from cybercriminals for vulnerabilities and exploitations.
- But there are times when there are unknown vulnerabilities in the software that the Microsoft developers hadn’t found yet.
- The threat actor spots that vulnerability either before the developer does or acts on it before the developer has a chance to fix it.
- The attacker writes and implements exploit code while the vulnerability is still open and available.
- Once the cyberattack is released, either the public recognizes it in the form of identity or information theft, or the developer catches it and creates a patch to stop the cyber-bleeding.
Once a patch is written and used, the exploit is no longer called a zero-day exploit. These attacks are rarely discovered right away. In fact, it often takes not just days but months and sometimes years before a developer learns of the vulnerability that led to an attack.Back to all blogs