In order to fully understand, the term "zero day" should be broken down into two parts - a zero-day vulnerability and a zero-day exploit.
Zero-day exploits are tools created by some hackers to take advantage of a coding oversight by the creator of a program in the creation of software. Zero day exploits usually exist to spread malware. One such example is to be found in a recent Firefox exploit that searched for sensitive files and uploaded them to a server apparently located in Ukraine. Mozilla, to its credit, was very prompt in releasing a security update for the uncovered vulnerability.
The term "zero-day vulnerability" refers to the aforementioned coding oversight or unpatched, exploitable vulnerabilities. Zero-day vulnerabilities are an attractive prospect for hackers who seek to create an exploit to take advantage of the vulnerability. Governments, businesses and criminals all purchase zero-day vulnerabilities. Every piece of software has a number of zero-day vulnerabilities, waiting to be discovered and exploited - the process of software development, the prioritization of speed to market above security makes it inevitable.
Zero-day vulnerabilities are difficult to uncover, creating a working exploit for a zero-day vulnerability is mentally taxing - as a result exploits are very valuable, both to companies and on the black market with prices potentially fetching up to $300,000. Less valuable but more common are exploits for vulnerabilities for which a patch has been released within the past few hours. These exploits take advantage of consumer ignorance.
0 comments:
Post a Comment