Zero-day exploit: an advanced cyber attack defined
A zero-day vulnerability, at its core, is
a flaw. A zero-day exploit is an unknown exploit in the wild that
exposes that vulnerability in software or hardware and can create
complicated problems well before anyone realizes something is wrong.
In fact, a zero-day exploit leaves NO opportunity for detection ... at first.
A zero-day attack happens once that flaw,
or software/hardware vulnerability, is exploited and attackers release
malware before a developer has an opportunity to create a patch to fix
the vulnerability—hence “zero-day.” Let’s break down the steps of the
window of vulnerability:
- A company’s developers create
software, but unbeknownst to them it contains a vulnerability.
- The threat actor spots that vulnerability either before the
developer does or acts on it before the developer has a chance to
- The attacker writes and implements exploit code
while the vulnerability is still open and available.
- releasing the exploit, either the public recognizes it in the form
of identity or information theft or the developer catches it and
creates a patch to staunch the cyber-bleeding.
Once a patch is written and used, the
exploit is no longer called a zero-day exploit. These attacks are
rarely discovered right away. In fact, it often takes not just days
but months and sometimes years before a developer learns of the
vulnerability that led to an attack.