Weissblick - Fotolia
In any business environment continuously driven by software, flaws discovered and used by bad actors can be devastating. Problems discovered in firmware, hardware, OSes and software applications must be remedied by the developer and released as a software patch, which will fix the flaw so it no longer becomes a threat.
Yet, what if the developer never discovered a flaw? Alternatively, what if the developer discovered a flaw but didn't bother to fix it in a timely manner? This is what's known as zero-day. This term is used because the developer had literally no time -- zero days -- to fix the flaw before the bad guys knew about it. Thus, time is of the essence to get a patch released.
Getting a bit more technical, you'll often hear about two similar sounding -- yet very different -- zero-day terms. The first term is zero-day vulnerability. This is when software has a flaw known to the developer, but the developer does not yet have a patch ready to be released.
If a patch is not released in time, nefarious actors can create a zero-day exploit -- our second term. A zero-day exploit is a software package coded to take advantage of the known zero-day vulnerability. In most cases, a zero-day exploit is packaged as malware. Zero-day exploits are often highly successful until they become widely known and either the software is patched or other security measures are put in place to successfully identify and block the exploit.
Guarding against zero-days -- whether deemed vulnerability or exploit -- should be high on any CISO's priority list. The exploit takes advantage of exposed software without an available patch. As a result, CISOs must put security teams on notice when a known zero-day vulnerability is announced so they can work to remediate the risk a zero-day exploit could have on the organization.
Dig Deeper on Malware, virus, Trojan and spyware protection and removal
Related Q&A from Andrew Froehlich
Prevention is the only line of defense against an extortionware attack. Learn how extortionware works and why it can be more damaging than ransomware. Continue Reading
An IAM system introduces risks to the enterprise, but the consensus is the benefits of IAM outweigh the drawbacks. What are some of the issues that ... Continue Reading
The network edge is where an enterprise network connects to third-party network services. Edge computing is a distributed architecture that processes... Continue Reading