April 2007

Security 101

 
Zero-Day Exploits
 
A zero-day exploit occurs when a software vulnerability is discovered and malicious code is developed immediately to take advantage of it. This is labelled a "zero-day" exploit because there is no delay or latency between the time the vulnerability is discovered and the time the exploit for it is created and distributed.
 
It used to be that bugs or vulnerabilities in programs such as Internet Explorer would be discovered, but it might have taken days or weeks before malicious code was written and distributed via a Trojan virus or a worm.  The period of time between discovery and exploitation is known as "latency."  In cases such as these, the software vendor would often have enough time to develop and deploy a patch to correct the problem before it could be exploited.
 
In recent times, creators of malicious software have become much more sophisticated in both the detection of vulnerabilities and the creation of code that can exploit them.  As a result, latency has been continually shrinking to the point where zero-day exploits are becoming much more common.
 
Protection
 
The best protection against these malicious exploits is a strong, layered defense.  Maintaining a firewall will not only prevent unauthorized access, but will also prevent most malicious programs from attacking a computer or network.  A good defense also involves having a recognized anti-virus program such as Symantec Anti-Virus installed and maintained with current virus signatures.  Observing good habits, such as not opening unsolicited e-mail attachments, will also go a long way toward preventing the infection and spread of malicious software.
 
Program vulnerabilities will probably never go away, nor will the hackers who persist in exploiting them.  Therefore, always being prepared with an adequate defense will be an ongoing reality.