Zero-day Vulnerabilities 101

A zero-day refers to a vulnerability that is not publicly known but could be known by attackers, and as long as applications, operating systems, and software have bugs or flaws, attackers will always find a way to exploit them. Simply put, zero-day attacks occur when cybercriminals and attackers get a hold of the flaw and find a way to exploit it, leaving users vulnerable until a patch or fix is deployed. 

Why zero-days are dangerous

Issues regarding the research and disclosure of vulnerabilities have sparked debates on how security researchers and software vendors can work together towards a more proactive approach for the benefit of users of the Internet at large. Ideally, vulnerabilities are discovered and disclosed by security researchers, white-hat hackers, or the developers themselves. These vulnerabilities are reported through bounty programs, or simply out of being responsible, and the developers fix the bug and release a patch.  Presently, however, the vulnerability landscape is changing.  Cybercriminals and attackers are now keener on discovering zero-day vulnerabilities that can be used for targeted attacks or other organized cybercrime while developers and unknowing users are left in the dark.

Did you know?

  • The investigation revealed that the Sandworm attack that targeted SCADA systems used a zero-day vulnerability. Shortly after discovering this exploit, Microsoft released a patch that included solutions for two other zero-day vulnerabilities that affected the Windows kernel in most Windows versions.
  • Recently, multiple zero-day vulnerabilities were found in Adobe Flash Player. Given the ubiquity of the Flash plugin, it is an attractive attack vector. Flash’s long-term existence becomes even more complex with every update as security holes add up along the way, allowing exploits to continue. Patches have been promptly released for Windows, Mac, and Linux operating systems.

Zero-days are alarming because users can fall victim to various attacks, and there is not much they can do to prevent them. Because of unreported vulnerabilities, users are often left helpless against attacks that exploit them, and the consequences vary, ranging from annoying to downright destructive, given a weak security environment. The best way to stay safe is to be aware and prepare for them using these preventive measures:

  • Keep your software updated: while this doesn't necessarily protect you from zero-days, updating your software regularly will ensure you get a patch as soon as one is released. It is also wise to turn on and use your software's automatic update feature. 
  • Stay updated on the latest vulnerabilities and infection vectors: refer to reliable advisories to be aware of the latest discovered vulnerabilities, and to stay on top of updates and releases for software versions and patches.
  • Use security software: one of the tools you can use to mitigate zero-day attacks is advanced browser protection solutions like Browser Exploit Prevention in Trend Micro Security. This protects against exploits that target browsers or related plugins.

Like it? Add this infographic to your site:
1. Click on the box below.   2. Press Ctrl+A to select all.   3. Press Ctrl+C to copy.   4. Paste the code into your page (Ctrl+V).

Image will appear the same size as you see above.