A zero-day vulnerability is a vulnerability in a system or device that has been disclosed but is not yet patched.
An exploit that attacks a zero-day vulnerability is called a zero-day exploit.
The term “zero-day” originally referred to the number of days since a new piece of software was released to the public, so “zero-day software” was software obtained by hacking into a developer’s computer before release.
Eventually, the term was applied to the vulnerabilities that allowed this hacking, and to the number of days that the vendor has had to fix them. Once the vendor learns of the vulnerability, they will usually create patches or advise workarounds to mitigate it.
Zero-day vulnerabilities pose a higher risk to users for the following reasons:
- Cybercriminals race to exploit these vulnerabilities to cash in on their schemes.
- Vulnerable systems are exposed until a patch is issued by the vendor.
Zero-day vulnerabilities are typically involved in targeted attacks; however, many campaigns still use old vulnerabilities.