What Is a Zero Day Vulnerability? [MakeUseOf Explains]

Ads by Google

zero day exploitIf you don’t keep your computer protected, it’s very easy to get it infected – as many of you can probably relate to. There are multiple ways to keep your computer clean and your data safe. You can use your common sense to avoid catching a digital cold, and install a good anti-virus application.

Another part of securing your computer and your online presence is to stay informed. Stay informed of important security trends and security holes.

One term that often comes up in relation to viruses and security are zero-day exploits, vulnerabilities and attacks. Not too long ago a seven year old Internet Explorer vulnerability was found. Sounds like a long time? It is. To help you get traction on the subject, we’ll explain to you the concept of software vulnerability, zero-day exploits and the window of opportunity.

Software Vulnerability

The average software application consists of an incredible amount of code. As is to be expected, a lot of code is not bullet proof at its conception. For one, bugs slip in. A lot of these bugs are relatively harmless (relative being the key word) – they create a deadlock and cause the application to freeze, or make the application misbehave under certain irregular conditions.

zero day exploit

A more serious security risk arises from the presence of exploitable bugs, or software vulnerabilities. Software vulnerabilities compromise the security of the computer system. Sneaking in through the cracks provided by flawed or insufficiently protected code, malign individuals are sometimes able to execute their own code under the guise of a computer’s own user, or access restricted data (just to name a few of the possibilities).

Ads by Google

Simply put, a software vulnerability is a flaw in the software’s design or implementation that can potentially be exploited.

Zero-Day Exploits

A software vulnerability on its own does no harm (yet). First, the attacker has to find the vulnerability and write an exploit; a piece of software that uses the vulnerability to carry out an attack. This (zero-day) attack can take the form of a virus, worm or trojan infecting your computer system.

zero day attack

Often, these software vulnerabilities are first discovered (or brought to the attention of) the software developers, and are fixed in future updates to the application. But if the attacker is able to discover the vulnerability before the developer knows of it, the attacker can write a zero-day exploit. This term derives its name from the fact that the first attacks take place before anyone (most importantly, the developer) has knowledge of the vulnerability.

Vulnerability Window

A zero-day exploit gives the attacker an unprecedented advantage. Because the developer had no knowledge of the exploit, they’re not able to develop a fix and users of the application are entirely without protection. Until the attack is noticed and recorded, even conventional virus scanners are of little use. The vulnerability window describes the time between a vulnerability is first exploited and the developer of the application pushes a patch. This follows a distinct timeline.

  1. The (unknown) vulnerability is introduced in a piece of software.
  2. The attacker finds the vulnerability.
  3. The attacker writes and deploys a zero-day exploit.
  4. The vulnerability is discovered by the software company and it starts developing a fix.
  5. The vulnerability is disclosed publicly.
  6. Anti-virus signatures are released for the zero-day exploits.
  7. The developers release a patch.
  8. The developers finish deploying the patch.

zero day exploit

The zero-day exploit attacks last from point 3 to point 5. According to a recent study, this period lasts ten months on average! However, not that many hosts are usually affected. The biggest strength of zero-day attacks is their relative invisibility, and zero-day attacks are most often used to strike at very specific targets.

A much more dangerous period for the average user lasts from point 5 to point 8, which is the follow-up attack wave. And only on point 6 will those anti-virus applications start taking effect. According to the same study, other attackers swarm to the vulnerability after its public disclosure, and the volume of attacks increases by up to five orders in magnitude!

After reading the article, how does the seven year old Internet Explorer vulnerability sound? Due to a lack of data, we can’t say for sure how big the vulnerability window exactly was, but it likely wasn’t small. Let us know your thoughts in the comments section below the article!

Image credit: Victor Habbick / FreeDigitalPhotos.net

Join live MakeUseOf Groups on Grouvi App Join live Groups on Grouvi
Awesome Webs & Tips
Awesome Webs & Tips
1082 Members
Stay Incognito On The Web
Stay Incognito On The Web
895 Members
Deep Web Communities
Deep Web Communities
541 Members
Online Security Tips
Online Security Tips
361 Members
Technology Explained
Technology Explained
349 Members
Music Apps & Sites
Music Apps & Sites
267 Members
Tips for Privacy Obsessed
Tips for Privacy Obsessed
259 Members
Affiliate Disclamer

This article may contain affiliate links, which pays us a small compensation if you do decide to make a purchase based on our recommendation. Our judgement is in no way biased, and our recommendations are always based on the merits of the items.

For more details, please read our disclosure.
New comment

Please login to avoid entering captcha

Log In