What is a Zero-Day attack?
The term Zero-Day attack or just Zero Day is used to refer to any system exploit that has been discovered and not yet patched. Normally, the Zero Day begins when the developer is made aware of the glitch and can be traced back to release.
A famous example that crops up in the security industry includes a glitch discovered in a popular Operating System that was not discovered for seven years. This means that nefarious individuals could have been using that glitch for their own purposes for nearly 10 years. One of the problems with Zero Day attacks is that those who discover them do not normally divulge this information for obvious reasons and so individuals affected will not know they are vulnerable to attack until it is too late.
One of the best ways to combat Zero-Day attacks is to manage a whitelist. The whitelist is a software term that refers to programs that have been extensively tested for exploits and vulnerabilities and then given trusted status on a system. Your system administrator will normally run the whitelist and for those of us who use Government owned computers and can’t think of why we aren’t allowed to install certain program… Well, it may be because the program is not whitelisted yet. That doesn’t necessarily mean the software is dangerous; but if it is untested then it is best not to take the risk.
My goal is to pick different computer and security related topics and post a new one with explanation each day. I will also be discussing new technology available to the Government and private sectors.
Aaron Jones has worked in the Information Technology and Security industry for over 14 years. He started his first web page development business at the age of 10. Since then he has moved on to serve in the Texas State Military Forces and currently works in an Intelligence related position.