Zero-Day Exploit

A zero-day exploit refers to an undetected or unaddressed security vulnerability in hardware or software. In contrast, a zero-day event describes any cyber attack that uses the exploit before developers can patch up the vulnerability. The "zero-day" term comes from the fact that the people responsible for the software's security had no time to fix the problem before it got exploited by cybercriminals.

In other words, the entity responsible for security only discovered the exploit after an event already happened. Thus, they had zero days to patch the issue before an event occurred. Sometimes, security professionals or even users uncover potential events before they occur. In the worst examples, these exploits and even events may remain undetected for weeks or months.

Examples of High-Profile Zero-Day Exploits

To better understand how much damage an undetected, zero-day exploit can do, look at some high-profile examples:

  • Sony: In 2014, hackers impaired Sony's networks and stole sensitive company information. Some of this breached data included business plans, executives' private email addresses, and details about upcoming releases. According to Gizmodo, the attackers may have purchased details about the security problem on the black market. The FBI claimed that North Korea instigated the attack; however, that is disputed by those who think that even lone hackers could have used the information to create this disruption.
  • Windows and Chrome: As recently as the fall of 2020, Google warned Microsoft and its users about a potential zero-day exploit that impacted both Chrome and the Windows operating system. This issue would let hackers run malicious code on their victim's computers. According to ZDNet, both Google and Microsoft patched these vulnerabilities either before or shortly after the announcement.

Defensive Measures for a Zero-Day Exploit

If potential exploits can threaten such large tech companies as Google and Microsoft, they're obviously hard to detect. By definition, they're unknown vulnerabilities, so common security software won't have them included in their databases yet. Still, even small businesses and individuals can take some steps to protect themselves.

Threat Hunting and Detection
Tools such as Sophos' Intercept-X may detect a zero-day. However, if an Advanced Persistent Threat (APT) were to target your business and deploy a zero-day, it would most likely go unnoticed until defensive tools flagged the malicious anomalies it produced, rather than the exploit itself.
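The distinction drawn above between a signature database, which by definition cannot contain an unknown exploit, and detection of malicious anomalies is illustrated by the following added example. It is not code from the original page or from any vendor product named here; the process-creation events, hash values, host names and behavioural baseline are all constructed assumptions. A hash-based signature check and a behavioural baseline check are run over the same telemetry, and the report shows which events only the behavioural rules caught.

```python
"""Signature matching versus behavioural anomaly detection over process telemetry."""
import json

# Constructed sample endpoint telemetry (newline-delimited JSON process-creation
# events). Hosts, timestamps, hashes and ports are made up for this example.
SAMPLE_TELEMETRY = """\
{"ts":"2020-10-20T09:01:02Z","host":"ws-01","parent":"explorer.exe","image":"winword.exe","sha256":"a1a1","dest_port":null}
{"ts":"2020-10-20T09:01:09Z","host":"ws-01","parent":"winword.exe","image":"powershell.exe","sha256":"b2b2","dest_port":443}
{"ts":"2020-10-20T09:02:00Z","host":"ws-02","parent":"services.exe","image":"svchost.exe","sha256":"c3c3","dest_port":null}
{"ts":"2020-10-20T09:03:30Z","host":"ws-03","parent":"explorer.exe","image":"updater.exe","sha256":"d4d4","dest_port":4444}
"""

# Signature database: hashes of samples a vendor has already analysed.
# The value is a placeholder, not a real sample hash.
KNOWN_BAD_HASHES = {"d4d4"}

# Behavioural baseline (assumed): which parent processes are expected to
# spawn which children on a workstation.
EXPECTED_CHILDREN = {
    "explorer.exe": {"winword.exe", "chrome.exe", "outlook.exe", "updater.exe"},
    "services.exe": {"svchost.exe"},
    "winword.exe": set(),  # a document editor should not spawn anything
}

# Outbound destination ports considered ordinary for a workstation (assumed).
ORDINARY_PORTS = {53, 80, 443}


def parse_events(text):
    """Parse newline-delimited JSON telemetry into dicts, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def signature_alerts(events):
    """Flag only events whose binary hash is already in the signature database."""
    return [e for e in events if e["sha256"] in KNOWN_BAD_HASHES]


def anomaly_alerts(events):
    """Flag behaviour that deviates from the baseline, regardless of the hash."""
    alerts = []
    for e in events:
        reasons = []
        expected = EXPECTED_CHILDREN.get(e["parent"])
        # Only judge parents we have a baseline for; unknown parents are not scored.
        if expected is not None and e["image"] not in expected:
            reasons.append(f"unexpected child: {e['parent']} -> {e['image']}")
        port = e.get("dest_port")
        if port is not None and port not in ORDINARY_PORTS:
            reasons.append(f"uncommon outbound port {port}")
        if reasons:
            alerts.append({"host": e["host"], "image": e["image"],
                           "sha256": e["sha256"], "reasons": reasons})
    return alerts


def detect(text):
    """Run both detectors and report which events only the anomaly rules caught."""
    events = parse_events(text)
    sig = signature_alerts(events)
    anom = anomaly_alerts(events)
    sig_hashes = {e["sha256"] for e in sig}
    # Events with an unknown hash that still look wrong: the zero-day case.
    anomaly_only = [a for a in anom if a["sha256"] not in sig_hashes]
    return {"signature": sig, "anomaly": anom, "anomaly_only": anomaly_only}


if __name__ == "__main__":
    report = detect(SAMPLE_TELEMETRY)
    for alert in report["anomaly_only"]:
        print(f"{alert['host']}: {alert['image']} missed by signatures; "
              f"reasons: {'; '.join(alert['reasons'])}")
```

In the constructed data the unknown binary launched by the document editor has no signature entry, so only the parent-child baseline flags it; the known-bad hash is caught both ways. The design point is that the baseline describes what normal looks like on your own hosts, which is why it can fire on an exploit nobody has a sample of yet, at the cost of needing tuning per environment.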

Patch and New-Release Policies

Naturally, computer users should make it their policy to apply patches and new releases right away. This measure cannot eliminate risk completely, but it reduces it by narrowing the set of entry points from which an attack can be launched.

Zero-Day Exploit Initiatives

On the positive side, some organizations have created zero-day initiatives. These reward people for reporting vulnerabilities, reducing the financial incentive to sell this kind of information on the black market. Some companies, such as Zerodium, will reward ethical research with millions of dollars, which would hopefully reduce the likelihood of those vulnerabilities being used maliciously.
