*** Welcome to piglix ***

Zero-day attack


A zero-day (also known as zero-hour or 0-day or day zero) vulnerability is an undisclosed computer-software vulnerability that hackers can exploit to adversely affect computer programs, data, additional computers or a network. It is known as a "zero-day" because it is not publicly reported or announced before becoming active, leaving the software's author with zero days in which to create patches or advise workarounds to mitigate its actions. It has passed zero time since the exploitable bug's existence was disclosed. Similarly, an exploitable bug that has been known for thirty days is sometimes called a 30-day exploit. The lower the number of days the bug has been known, the higher are the chances that it has no fix or mitigation. The more recently the exploit was published, the higher is the probability that an attack against a particular instantiation of software that was afflicted with the exploitable bug will be successful, because even if there is a patch, not every user of that software will have applied it. For zero-day exploits, the probability that a user has patched their bugs is of course zero.

Attacks employing zero-day exploits are often attempted by hackers before or on the day that notice of the vulnerability is released to the public; sometimes before the author is aware or has developed and made available the corrected code. Zero-day attacks are a severe threat.

Malware writers can exploit zero-day vulnerabilities through several different attack vectors. Sometimes, when users visit rogue websites, malicious code on the site can exploit vulnerabilities in Web browsers. Web browsers are a particular target for criminals because of their widespread distribution and usage. Cybercriminals can also send malicious e-mail attachments via SMTP, which exploit vulnerabilities in the application opening the attachment. Exploits that take advantage of common file types are numerous and frequent, as evidenced by their increasing appearances in databases like US-CERT. Criminals can engineer malware to take advantage of these file type exploits to compromise attacked systems or steal confidential data.


...
Wikipedia

...