Zero Day Exploit Explained
by Frank Jovine on 01/19/2010 in Security, Security Info & Tips
Are you familiar with Zero Day Exploits? Do you know the dangers of a Zero Day Exploit? I was approached about the subject from one of my social network friends and I thought it would be best to share this information with everyone.
A zero-day exploit is when someone takes advantage of a security vulnerability on the same day that the vulnerability becomes generally known. Once a person identifies that an application or program contains a potential security vulnerability, that person can notify the publisher of the application or program so that action can be taken to repair or patch the vulnerability or defend against its exploitation.
The worst part of a zero day exploit is that some companies may not react fast enough to fix or patch the vulnerability. This will leave many users exposed and many might already be infected. The good news is that sometimes the hackers can’t expose or distribute the exploit faster than the fix. Hopefully this happens more often and suppresses any wrong doing from the hackers.
Hackers are getting smarter and are able to expose vulnerabilities much faster. In some cases, a hacker may be the first to discover the vulnerability. In these situations, the vulnerability and the exploit may become apparent on the same day. There is no way to guard against the exploit before it happens. Companies exposed to such exploits can, however, institute procedures for early detection of an exploit.
I hope that you find this information useful.
Sam
Jan 20th, 2010
Thanks for explaining this. Wasn’t exactly sure what they meant by this but now it totally makes sense.
Now that I think about it, big companies need to have programmers on-hand 24/7 to deal with these exploits. That’s probably a big reason why Microsoft and Google have offices all around the world (especially India, basically a 12 hour difference.)
victoria
Jan 20th, 2010
Thanks for this information I was wondering, it’s worrying that these things could be out there for months spreading small scale before patches are produced especially if they are used for very targeted applications
Sandrina
Jan 22nd, 2010
Hacker may be the first one to discover vulnerability because they are searching for it, ordinary users will discover vulnerability just by accident. But yes, hackers can not distribute danger very fast. They are getting smarter but so are we
.
Frank Jovine
Jan 22nd, 2010
Sandrina,
In most cases we hope it’s a user that finds it before the hacker.
Arafat Hossain Piyada
Jan 23rd, 2010
You just explain me some unknown fact. Thanks.
I wish user always discover this issue before bad guys and wish all companies will fix those issue proactively.
By the way, Trend Micro develop a free tool named Trend Micro Browser Guard which protect users from 0-day vulnerability on browsers.
Frank Jovine
Jan 23rd, 2010
Arafat,
I hope we catch it before the bad guys do as well.