zero-day vulnerability

This definition is part of our Essential Guide: Catch up on the Windows Server patches of 2017
Contributor(s): Sharon Shea

A zero-day vulnerability is a flaw that leaves software, hardware or firmware defenseless against an attack that occurs the very same day the vulnerability is discovered. Such an attack is called a zero-day exploit, meaning that there are zero days between the time the vulnerability is discovered and the first attack.

The majority of  vulnerabilities that make zero-day attacks possible are caused by poor software code. Unfortunately information about such vulnerabilities is increasingly being sold or traded on the darknet. To debug vulnerabilities, developers must create and release a patch and enterprises must implement the patch in a timely manner. Enterprises can reduce the likelihood of falling prey to an zero-day attack by implementing enterprise information security best practices, including:


This was last updated in March 2014

Continue Reading About zero-day vulnerability



Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.


File Extensions and File Formats

Powered by: