A zero-day vulnerability is a flaw that leaves software, hardware or firmware defenseless against an attack that occurs the very same day the vulnerability is discovered. Such an attack is called a zero-day exploit, meaning that there are zero days between the time the vulnerability is discovered and the first attack.
The majority of vulnerabilities that make zero-day attacks possible are caused by poor software code. Unfortunately, information about such vulnerabilities is increasingly being sold or traded on the darknet. To fix vulnerabilities, developers must create and release a patch, and enterprises must implement the patch in a timely manner. Enterprises can reduce the likelihood of falling prey to a zero-day attack by implementing enterprise information security best practices, including:
- Using a virtual LAN/IPsec to protect the content of data transmissions.
- Deploying an intrusion detection system (IDS) and/or a firewall that uses stateful inspection.
- Introducing network access control to prevent rogue machines from gaining access to the network.
- Locking down wireless access points.
- Maximizing protection against wireless-based attacks by implementing a wireless security scheme such as Wi-Fi Protected Access or WPA2.