What is a zero day?
Explained | News

What is a zero day?

Posted: April 12, 2017 by Scott Wilson

You have probably heard the term zero-day or zero-hour malware, but what exactly does it mean?

It’s simple: it just means the malware is using a software vulnerability for which there is currently no available defense or fix. The vulnerability allows the malware to perform actions on your system that should not be permitted, such as running arbitrary code. Such malicious actions can impact the confidentiality, integrity, or availability of your system.

If a vulnerability is known already (i.e. not a zero-day), then chances are the software vendor has patched it, and/or security software vendors have added defenses against it. So you can protect yourself against known vulnerabilities simply by keeping your software, including your anti-malware defense, up to date. But these precautions will not protect you against zero-days.

You can think of the search for new vulnerabilities as a race. When security researchers and good guys find them, they warn the software vendor so the vulnerability can be patched. The best practice (what’s called “responsible disclosure“) is to initially do this privately, so the bad guys won’t get a head’s up. Once some time has passed, allowing the vulnerability to be patched, the finding is made public. At this time, it might get a CVE number from the Mitre Corporation so that any interested party may refer to the vulnerability using a standard name.

Unfortunately, the bad guys are also in this race. They look for vulnerabilities in order to accomplish their ends, which generally involve ripping you off in some way. They try to find undisclosed vulnerabilities and create malware that takes advantage of them.

So are we defenseless against zero-day attacks? Happily, the answer is no. Anti-Exploit software like Malwarebytes Anti-Exploit can monitor your system for the sorts of actions associated with zero-day exploits and shut them down before they harm your system. If you’d like to learn more about the technical details, you may read about them in this blog post about how Malwarebytes Anti-Exploit works.

RELATED ARTICLES

week in security
News

A week in security (April 8 – April 14)

April 15, 2024 - A list of topics we covered in the week of April 8 to April 14 of 2024

CONTINUE READING 0 Comments
change social security number
News

How to change your Social Security Number

April 12, 2024 - Wondering whether changing your SSN is an option. Read here what you need to qualify for a new SSN and what you need to get one.

CONTINUE READING 0 Comments
mercenary spyware alert
News | Privacy

Apple warns people of mercenary attacks via threat notification system

April 11, 2024 - Apple has sent alerts to people in 92 nations to say it's detected that they may have been a victim of a mercenary attack.

CONTINUE READING 0 Comments
A 13-year-old girl is using her smartphone in the dark room. The content she is browsing projects in front of her.
Cybercrime | Personal

How to protect yourself from online harassment

April 10, 2024 - Don't wait for an online harassment campaign to unfairly target you or a loved one. Take these proactive steps today to stay safe.

CONTINUE READING 0 Comments
Introducing the Digital Footprint Portal
Cybercrime

Introducing the Digital Footprint Portal

April 10, 2024 - Find out what sensitive data of yours is exposed online today with our new, free Digital Footprint Portal.

CONTINUE READING 0 Comments

ABOUT THE AUTHOR

Scott Wilson

Scott Wilson

Product Manager

Foiler of malware. Foe of cybercriminals. Responsible for the malware sample management system that's at the core of the defense pipeline.

Contributors icon

Contributors

Threat Center icon

Threat Center

Podcasts icon

Podcast

Glossary icon

Glossary

Scams icon

Scams