Tuesday, October 5, 2010

D ZERO-DAY ATTACK & Exploits!!


A zero day attack, also known as a zero hour attack, takes advantage of computer vulnerabilities that do not currently have a solution. Typically, a software company will discover a bug or problem with a piece of software after it has been released and will offer a patch — another piece of software meant to fix the original issue. A zero day attack will take advantage of that problem before a patch has been created. It is named zero day because it occurs before the first day the vulnerability is known.
A zero day exploit is a piece of malicious code which takes advantage of a vulnerability in a piece of software which has not yet been discovered by the vendor. This code can do a great deal of damage before the vendor realizes the problem and develops a patch or a new version of the software, and many vendors test their programs rigorously before release with zero day exploits in mind. Because this type of malicious code relies on vulnerabilities which aren't widely known yet, it can be difficult for computer users to protect themselves from it.
In a simple example of a zero day exploit, a hacker might realize that the new version of an Internet browser has a security flaw which could potentially allow a hacker to insert malicious software onto the user's computer. He or she would write the code to install the software, and plant it on websites or in email, so that when users came into contact with the code, they would be infected with it. Eventually, the software vendor would realize that there was a problem, and issue a patch to fix the problem and address the zero day exploit.
The general rule of thumb in the computing community is that if someone notices a security vulnerability or flaw which could be an issue, he or she should report it to the vendor. Most ethical computer scientists and people who work with computers do just that. However, hackers, producers of malware, and other less friendly members of the community usually do not, because they want to take advantage of the vulnerability before the vendor realizes it exists. In fact, some people specialize in uncovering vulnerabilities and selling them.
From a hacker's point of view, the best zero day exploit is deployed before the vendor sees a problem. In other cases, the exploit may be released during the vulnerability window, the period of time between the discovery of the issue and the development of a patch to address it. Vulnerability windows can vary in length, depending on the vendor, the program, and the nature of the problem. The term "zero day exploit" references the idea that the code is released on "day zero," before the vendor has recognized an issue.
