Weissblick - Fotolia
In any business environment continuously driven by software, flaws discovered and used by bad actors can be devastating. Problems discovered in firmware, hardware, OSes and software applications must be remedied by the developer and released as a software patch, which will fix the flaw so it no longer becomes a threat.
Yet, what if the developer never discovered a flaw? Alternatively, what if the developer discovered a flaw but didn't bother to fix it in a timely manner? This is what's known as zero-day. This term is used because the developer had literally no time -- zero days -- to fix the flaw before the bad guys knew about it. Thus, time is of the essence to get a patch released.
Getting a bit more technical, you'll often hear about two similar sounding -- yet very different -- zero-day terms. The first term is zero-day vulnerability. This is when software has a flaw known to the developer, but the developer does not yet have a patch ready to be released.
If a patch is not released in time, nefarious actors can create a zero-day exploit -- our second term. A zero-day exploit is a software package coded to take advantage of the known zero-day vulnerability. In most cases, a zero-day exploit is packaged as malware. Zero-day exploits are often highly successful until they become widely known and either the software is patched or other security measures are put in place to successfully identify and block the exploit.
Guarding against zero-days -- whether deemed vulnerability or exploit -- should be high on any CISO's priority list. The exploit takes advantage of exposed software without an available patch. As a result, CISOs must put security teams on notice when a known zero-day vulnerability is announced so they can work to remediate the risk a zero-day exploit could have on the organization.
Dig Deeper on Malware, virus, Trojan and spyware protection and removal
Related Q&A from Andrew Froehlich
The quick answer is yes -- IT administrators can monitor employees' messages in Microsoft Teams. But organizations need the proper license plans and ... Continue Reading
If your network operations center responsibilities haven't changed yet due to evolutions like DevOps and edge computing, they likely will soon. ... Continue Reading
When it comes to the SOAR vs. SIEM debate, it's important to understand their fundamental differences to get the most benefit from your security data. Continue Reading