Date 02 January 2020
by Abhishek Sindhwani
Exactly what is a zero-day vulnerability?
A zero-day vulnerability is a hole or flaw in a software program for which there is no patch or fix, usually because the vulnerability is unknown to the software vendor. The term comes from the fact that developers have "zero days" from the time the flaw is discovered to protect against a possible cyberattack. In some cases, an attack itself is the first indication the security problem exists.
Once a software vendor discovers a zero-day vulnerability, programmers scramble to correct the flaw and release an update containing the necessary patch. If the vulnerability is exploited by cyber criminals before it can be corrected, the resulting attack is called a zero-day exploit or zero-day attack.
According to the 2014 Internet Threat Report published by Symantec, 23 zero-day vulnerabilities were discovered in 2013, more than in any other year the company has tracked [source: Symantec]. Fortunately, zero-day vulnerabilities are often reported to software vendors by "white hat" hackers (the good guys), and in July 2014, Google launched a team called Project Zero, whose mission is to identify and report flaws in widely used programs before they can be exploited for malicious purposes. Zero-day attacks have been used to steal sensitive customer data, gain remote access to computer systems and carry out industrial espionage.
The Heartbleed bug, a zero-day vulnerability in the Open SSL encryption library used to secure traffic between Web servers and computers, existed for two years before its discovery in April 2014 [source: Strohm]. When it was first discovered, programmers were unsure whether the Heartbleed flaw had been exploited, but it is now believed to be the source of a hospital breach affecting 4.5 million patient records in the United States.
In August 2014, Russian hackers were suspected of exploiting a zero-day vulnerability to hack into the computer systems of JPMorgan and at least four other U.S. financial institutions