Zero-Day Vulnerability

MOREnet logo with school building graphic

A zero-day vulnerability is an unintended flaw in software security for which the vendor has not yet created a patch to fix it. The term “zero-day” refers to this newly discovered flaw that has been exposed but the developer has not released a patch or update to fix it. So the developer has ‘zero-days’ to fix the issue. So once the exploit has been publicly announce the developer needs to work quickly to patch the security hole.

Once discovered it can be exploited by a cyber criminal. Hackers will construct malicious code to take advantage of the vulnerability that can compromise a device or network. Crooks will work just as quickly as the developers to take advantage of the security hole.

How can you protect yourself from zero-day attacks?

Be proactive. Make sure that you use security software that can thwart dangerous intrusions. Make sure to install all updates as soon as they become available. Limit your usage of software that has been identified with this risk until a patch or update becomes available.

Software updates are important. Not only do they add new features but they may also include security updates, firmware and driver updates, bug fixes and removals of outdated features.

Resources

Mozilla Firefox 72.0.1 Patches Actively Exploited Zero-Day

Zero-Day News