Zero Day Vulnerability ~ An unknown or unforeseen security risk within a software programme, more commonly known as a ‘hole’, which can be exploited to hack the programme.
It is an unknown and very real threat which can be created and implemented before the programmer becomes aware. The term is also used to describe pirate copies of software, music and movies that are made available before the actual release date.
Attacks, using a virus or a trojan for example, exploit the hole, and the process follows a set timeline:
• Release of software exploit.
• Detection and study of new threat.
• Development of new solution.
• Release of security patch to catch the exploit.
• Distribution and installation of patch or update onto users' systems.
This is where the window of opportunity exists, because the process of patching up the hole can take hours, days and occasionally even weeks. The general public are more often than not unaware that a war of information and coding is raging behind their screens.
Zero day attacks are designed to be difficult to detect and defend against, and they can also be highly effective against secure networks. Most new malware is not original but a tweak of previous versions, or contains a string of code taken from existing threats. This is where the advantage can be handed to those protecting our systems: a method of protection known as a generic signature already exists, and it can be used or updated to fight a multitude of future zero day attacks. Completely new malware can attack vulnerabilities and spread to other systems at great speed without being detected by experts. These threats are known as zero day worms, and they can be extremely destructive.
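The generic signature idea described above, shown as an added example that is not part of the original article: an exact hash written for one known variant misses a tweaked variant, while a byte pattern with wildcards over the shared code still matches it. The sample bytes, the signature and all function names are constructed for illustration and are not taken from any real malware or product.

```python
import hashlib

def parse_signature(text):
    """'c0 de ?? ad' -> [0xc0, 0xde, None, 0xad]; None is a wildcard byte."""
    return [None if tok == "??" else int(tok, 16) for tok in text.split()]

def find_signature(data, sig):
    """Return the first offset at which sig matches data, or -1 if none."""
    for off in range(len(data) - len(sig) + 1):
        if all(b is None or data[off + i] == b for i, b in enumerate(sig)):
            return off
    return -1

# Constructed, harmless byte strings standing in for files. Three "variants"
# share one code fragment but differ in two bytes and in their wrapping.
def _variant(prefix, changed_bytes, suffix):
    return prefix + bytes.fromhex("c0de10ad" + changed_bytes + "5eedface") + suffix

SAMPLES = {
    "variant_1": _variant(b"HDR1", "1122", b"tail-one"),
    "variant_2": _variant(b"PACKED--", "a5b6", b"x"),
    "variant_3_unseen": _variant(b"v3", "0000", b"new-wrapper"),
    "benign": b"ordinary file " + bytes.fromhex("c0de10ad") + b" more text",
}

# Exact signature: hash of the first variant that was analysed.
KNOWN_HASH = hashlib.sha256(SAMPLES["variant_1"]).hexdigest()
# Generic signature: the shared fragment, wildcarding the bytes that change.
GENERIC_SIG = parse_signature("c0 de 10 ad ?? ?? 5e ed fa ce")

def compare(samples=SAMPLES):
    """Map each sample name to (exact_hash_hit, generic_signature_hit)."""
    results = {}
    for name, data in samples.items():
        hash_hit = hashlib.sha256(data).hexdigest() == KNOWN_HASH
        generic_hit = find_signature(data, GENERIC_SIG) != -1
        results[name] = (hash_hit, generic_hit)
    return results

if __name__ == "__main__":
    for name, (hash_hit, generic_hit) in compare().items():
        print(f"{name:18} exact-hash={hash_hit!s:5} generic={generic_hit}")
```

The benign sample contains only part of the fragment and is not flagged, which shows why the fixed bytes on both sides of the wildcards matter for keeping false positives down.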
Many companies that write security software programmes spend time and resources on research into threats to gain a better understanding, while others will actually purchase malware for research, as this is not technically illegal in most parts of the world. The Zero Day Initiative (ZDI) was created by TippingPoint, and is a system whereby rewards are given to researchers who discover and disclose such threats.