This article explains the two sides of Zero-Day: the Zero-Day Vulnerability and the Zero-Day Exploit (or Zero-Day Attack).
We come across the word “Zero-Day” in many security-related news stories and articles, and most of us don’t know exactly what it means. Don’t worry, today we are going to explain it for you.
What is a Zero-Day?
Zero-Day means “unknown or undisclosed” and may refer to one of two things: a zero-day vulnerability or a zero-day exploit. Confused?
Here is the simple explanation:
A zero-day vulnerability refers to an unpatched hole in software that is unknown to the vendor, and a zero-day exploit or zero-day attack is a hacking attack that leverages a zero-day vulnerability to compromise a system or device before the vendor releases a fix.
So the term “zero-day” actually refers to the number of days the software vendor has been aware of the vulnerability or its exploit. Put another way, once the flaw becomes known, the software’s author has zero days in which to plan and advise any mitigation against its exploitation.
What is a Zero-Day Vulnerability?
A Zero-Day Vulnerability is a hole or flaw in a software program for which there is no patch or fix, usually because the vulnerability is unknown to the software makers or to antivirus vendors. These security holes commonly occur in browser software, operating system software, and widely used software from companies such as Adobe, Oracle, and Apple. While the vulnerability may not be known publicly, it can be discovered by researchers or attackers.
Zero-day vulnerabilities can be serious security risks because the threat is unknown to both vendors and users, and it may compromise your data once a hacker exploits these vulnerabilities.
What is a Zero-Day Exploit or Zero-Day Attack?
A zero-day exploit refers to code that attackers use to exploit a zero-day vulnerability. A zero-day exploit attack occurs on the same day a weakness is discovered in software. At that point, it’s exploited before a fix becomes available from its creator. Hackers can use zero-day exploits to gain access to data or networks or install malware onto a device.
Initially, when a user discovers that there is a security risk in a program, they can report it to the software company, which will then develop a security patch to fix the flaw. This same user may also take to the Internet and warn others about the flaw. Usually the program creators are quick to create a fix that improves program protection; however, sometimes hackers hear about the flaw first and are quick to exploit it. When this happens, there is little protection against an attack because the software flaw is so new.
Once a patch is written and used, the exploit is no longer called a zero-day exploit. These attacks are rarely discovered right away. In fact, it often takes not just days but months and sometimes years before a developer learns of the vulnerability that led to an attack.
In short, the whole Zero-Day process is:
- First, a company’s developers create software, but they are unaware of a vulnerability that the software contains.
- The hacker spots that vulnerability either before the developer does or acts on it before the developer has a chance to fix it.
- The attacker writes and implements exploit code while the vulnerability is still open and available.
- After releasing the exploit, either the public recognizes it in the form of identity or information theft or the developer catches it and creates a patch to staunch the cyber-bleeding.