What Is A Zero-Day Vulnerability?

With increasing levels of attempted cyberattacks, software and anti-virus companies are increasingly on the lookout for cybercriminals able to create new threats. We explain more about these threats known as Zero-Day vulnerabilities which are growing in frequency.

What is a Zero-Day vulnerability?

A Zero-Day vulnerability is an unknown virus or piece of malware. Typically, it will have been engineered to allow hackers and cybercriminals to exploit previously unknown security gaps within software or application.

As both the risk and the Zero-Day malware are typically new or unknown, it can be easy for such vulnerabilities to slip past anti-virus and email filtering software undetected. And depending on the weakness that’s being exploited, the Zero-Day vulnerability may be able to avoid traditional detection methods altogether.

Typically as soon as a security gap is uncovered, software developers will work to patch the security gap. This can often be done quickly but can be problematic if the software is no longer supported.

Examples of Zero-Day Vulnerabilities

Zero-Day vulnerabilities are found all the time. Zoom even found one for users running Windows 7 (which introduced problems as the OS was unsupported).

Perhaps the most famous Zero-Day vulnerability was Stuxnet – a piece of malicious worm software that was used to disrupt machinery operations at Iran’s nuclear enrichment programme. It was believed to be international sabotage and the first major example of the weaponisation of malware.

How to protect against Zero-Day vulnerability?

While Zero-Day malware can be complex, in nearly all cases it enters systems in exactly the same way as other viruses and malware – emails and link downloads.

Users therefore need to show extra vigilant – particularly with regard to emails from unknown senders with attachments or links of any kind.

Before opening any attachment or clicking on a link, please ensure that you are 100% confident that it is genuine and was intend something you were expecting to receive.

Although .zip attachments and the like are more prominent carriers of the virus, standard office files and seemingly genuine website links are also used.

Akita is an expert cyber security partner with over 25 years experience, find out more about our services:

Back to feed

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

What Is A Zero-Day Vulnerability?