Zero days explained: How unknown vulnerabilities become gateways for attackers

Zero days explained: How unknown vulnerabilities become gateways for attackers

Zero day definition


A zero day is a security flaw for which the vendor of the flawed system has yet to make a patch available to affected users. The name ultimately derives from the world of digital content piracy: if pirates were able to distribute a bootleg copy of a movie or album on the same day it went on sale legitimately (or maybe even before), it was dubbed a "zero day."

Borrowed into the world of cybersecurity, the name evokes a scenario where an attacker has gotten the jump on a software vendor, implementing attacks that exploit the flaw before the good guys of infosec are able to respond. Once a zero day attack technique is circulating out there in the criminal ecosystem—often sold by their discoverers for big bucks—the clock is ticking for vendors to create and distribute a patch that plugs the hole.

To read this article in full, please click here