What is a zero-day?

Giulio Saggin

A zero-day vulnerability is one that has been newly discovered and for which the vendor hasn't yet had time to release a fix or patch: they've had 'zero days' to fix the problem. Because of this, zero-days can be exploited by attackers.

Even if a patch is released for a vulnerability, hackers can still exploit unpatched computers. One example of this is the EternalBlue exploit. CVE-2017-0144 had been released for the vulnerability, but the exploit was leaked by a hacker group and used a month later by the WannaCry ransomware to infect 300,000 unpatched computers across 150 countries, with damage reaching into the billions of dollars.

Often researchers or hackers will inform a vendor about a zero-day vulnerability they've discovered and give the vendor a set amount of time to fix the flaw, 'or else'. This was the case earlier this year, when a hacker made public a database of 24 million Lumin PDF users after Lumin PDF administrators hadn't responded to numerous queries the hacker had made over the preceding months.

Zero-days are a valuable commodity. Hackers can sometimes sell the vulnerability, with a proof-of-concept exploit, to the relevant vendor, or use the information for their own purposes and steal data, e.g. credit card details. Some companies, such as Zerodium, offer bug bounties for popular software. There are also sites and forums, usually on the dark web, that sell zero-day exploits to anyone willing to pay for them.

While SecAlerts is unable to stop zero-days, the best way to protect against known vulnerabilities is to keep your software updated. SecAlerts does this by alerting you to CVEs as soon as they are published (sometimes vendors delay releasing CVEs). Enter your software stack and receive a free weekly report with a round-up of CVEs (& security news) unique to your stack: www.secalerts.co
