Zero-day vulnerability: What it is, and how it works
Authored by a Symantec employee
A zero-day vulnerability is a software security flaw that is known to the software vendor but doesn’t have a patch in place to fix the flaw. It has the potential to be exploited by cybercriminals.
What is a software vulnerability?
In the world of cyber security, vulnerabilities are unintended flaws found in software programs or operating systems. Vulnerabilities can be the result of improper computer or security configurations and programming errors. If left unaddressed, vulnerabilities create security holes that cybercriminals can exploit.
Why do vulnerabilities pose security risks?
Hackers write code to target a specific security weakness. They package it into malware called a zero-day exploit. The malicious software takes advantage of a vulnerability to compromise a computer system or cause an unintended behavior. In most cases, a patch from the software developer can fix this.
What if your computer becomes infected? Exploit malware can steal your data, allowing hackers to take unauthorized control of your computer. Software can also be used in ways that were not originally intended — like installing other malware that can corrupt files or access your contact list to send spam messages from your account. It could also install spyware that steals sensitive information from your computer.
If you’re an everyday computer user, a vulnerability can pose serious security risks because exploit malware can infect a computer through otherwise harmless web browsing activities, such as viewing a website, opening a compromised message, or playing infected media.
What makes a vulnerability a zero-day?
The term “zero-day” refers to a newly discovered software vulnerability. Because the developer has just learned of the flaw, it also means an official patch or update to fix the issue hasn’t been released.
So, “zero-day” refers to the fact that the developers have “zero days” to fix the problem that has just been exposed — and perhaps already exploited by hackers.
Once the vulnerability becomes publicly known, the vendor has to work quickly to fix the issue to protect its users.
But the software vendor may fail to release a patch before hackers manage to exploit the security hole. That’s known as a zero-day attack.
What can you do to help protect yourself from zero-day vulnerabilities?
Zero-day vulnerabilities present serious security risks, leaving you susceptible to zero-day attacks, which can damage your computer or personal data.
To keep your computer and data safe, it’s smart to take proactive and reactive security measures.
Your first line of defense is to be proactive by using comprehensive security software, like Norton Security, that protects against both known and unknown threats.
Your second line of defense is to be reactive and immediately install new software updates when they become available from the manufacturer to help reduce the risk of malware infection.
Software updates allow you to install necessary revisions to the software or operating system. These might include adding new features, removing outdated features, updating drivers, delivering bug fixes, and most important, fixing security holes that have been discovered.
Follow this security checklist to be sure you are doing everything you can to help keep your information protected from the security risks associated with zero-day vulnerabilities:
- Keep software and security patches up to date by downloading the latest software releases and updates. Installing security patches fixes bugs that were missed in the previous version.
- Establish safe and effective personal online security habits.
- Configure security settings for your operating system, internet browser, and security software.
- Install proactive and comprehensive security software to help block known and unknown threats that target vulnerabilities.
Zero-day attack example
Stuxnet, an example of a zero-day attack, was one of the earliest digital weapons used. Stuxnet is a highly infectious self-replicating computer worm that disrupted Iranian nuclear plants. The threat took control of computers. It altered the speed of centrifuges in the plants and shut them down.
Symantec researchers Eric Chien and Liam O’Murchu analyzed the worm. They discovered that Stuxnet is a well-crafted computer worm that only a national government could create to control large-scale industrial facilities. With a team of cyber security experts, Chien and O’Murchu came up with patches and workarounds to fix the bug.
Want an extra shot of drama? The documentary “Zero Days” tells the story of how the Stuxnet worm was discovered and handled. It’s available in the United States on iTunes, Google Play, YouTube, and Amazon.
Things to remember about zero-day vulnerabilities
- Keep your software up to date to help protect yourself against a zero-day vulnerability.
- Check for a solution when a zero-day vulnerability is announced. Most software vendors work quickly to patch a security vulnerability.
- Don’t underestimate the threat. Cybercriminals will seek to exploit security holes and gain access to your devices and your personal information. They can use your information for a range of cybercrimes including identity theft, bank fraud, and ransomware.
- Always use reliable security software to help keep your devices safe and secure.
Copyright © 2019 Symantec Corporation. All rights reserved.