Zero Day Exploits

A zero-day vulnerability is a vulnerability that the application author has not yet become aware of.

Major software vendors issue frequent security updates to patch known vulnerabilities. If a vulnerability is discovered by someone other than the program’s author, attackers can exploit the weakness before a patch can be issued. (Thus, the author has had “zero days” to prepare themselves.)

Zero-day exploits are an example of why it is important to practice defense in depth, since you are immediately vulnerable once a zero-day is discovered in any software you use. Ways to mitigate this kind of vulnerability include:

  • Minimizing information leakage, so you are not advertising your tech stack to attackers.

  • Following the principle of least privilege, so the impact of attacks are limited.

  • Making sure to run up-to-date anti-virus and firewall software, if you host your own servers.

  • Keeping on top of security advisories for your technology stack.