What is a zero-day vulnerability?
A zero-day vulnerability is a vulnerability in a system or device that has been disclosed but is not yet patched. An exploit that attacks a zero-day vulnerability is called a zero-day exploit.
Because they were discovered before security researchers and software developers became aware of them—and before they can issue a patch—zero-day vulnerabilities pose a higher risk to users for the following reasons:
- Cybercriminals race to exploit these vulnerabilities to cash in on their schemes
- Vulnerable systems are exposed until a patch is issued by the vendor.
Related terms : Exploit, Zero-day exploit, vulnerability
Related papers/primers :
- Managing Your Legacy Operating Systems
- Monitoring Vulnerabilities: Are your Servers Exploit-Proof?
- Virtual Patching in Mixed Environments: How It Works To Protect You
Links : https://blog.trendmicro.com/trendlabs-security-intelligence/common-misconceptions-it-admins-have-on-targeted-attacks/
Products : Trend Micro™ Vulnerability Protection, Trend Micro™ Deep Security