Wednesday, 4 November 2015
A zero-day vulnerability, at its core, is a flaw. It is an unknown exploit in the wild that exposes a vulnerability in software or hardware which can create complicated problems well before anyone realizes something is wrong. In fact, a zero-day exploit leaves NO opportunity for detection... at first.
Vulnerability Timeline :
A zero-day attack happens once that flaw, or software/hardware vulnerability is exploited, and attackers release malware before a developer has an opportunity to create a patch to fix the vulnerability, hence “zero-day.”
Let’s break down the steps of the window of vulnerability:
- A company’s developers create software, but unbeknownst to them, it includes a vulnerability
- The threat actor spots that vulnerability either before the developer does, or acts on it before the developer has a chance to fix it
- The attacker writes and implements exploit code while the vulnerability is still open and available
- After releasing the exploit, either the public recognizes it in the form of identity or information theft, or the developer catches it and creates a patch to staunch the cyber bleeding.
Once a patch is written and used, the exploit is no longer called a zero-day exploit. These attacks are rarely discovered right away. In fact, it often takes not just days, but months, and sometimes years before a developer learns of the vulnerability that led to an attack.
Read more ..
