In terms of hacking, what are zero days?



Zero day, as it is stated in the name, is an exploit or a vulnerability which got found on release of the stuff that got hacked.

Zero-day means that hackers have found and exploited a vulnerability before the wider community, and especially the software provider, have realized that this vulnerability exists.

In modern parlance the length of time indicates how long the hack has been publicly known or alternatively how long a fix has been available to counter the hack. So for example when someone successfully uses a two year hack it means the system they are attacking is not updated. If you use a two week hack you can attack a lot of systems which only update once a month or so. A one day hack is quite recent and only a few systems are upgraded to counter it. But a zero day hack is a hack that has not yet been publicly known and for which no updates are made to counter. So you would expect it to always work.

It’s the number of days that the problem has been revealed outside of the hackers who found it.

For example, if Home Depot sold a door lock, but it had a problem where you could stick a magnet on it and it would unlock the door, then that would be a hack burglars could use to break into anyone’s house who used that lock.

If Home Depot discovers this problem before the burglars do, they could publicly announce it and tell everyone who owns that lock to get it fixed. Then it’s a race between home owners to fix their locks before burglars use the hack to break into their homes.

The more days that pass between the public announcement and a burglar trying to hack someone’s lock, the more likely it is that the home owner has already fixed the lock.

So a “one-day” would be a burglar trying to hack a lock one day after Home Depot announced the problem, and a burglar might have a decent chance of breaking in if they picked a lazy or slow home owner’s home. A “30-day” would be a lot less likely for the burglar to succeed, since most home owners would have hopefully fixed their lock by then.

A “zero-day” would be if the burglars found out first before Home Depot did. Then any burglar who knows about the hack could break into the home of anyone who owns that lock, since no one would have fixed it.

When a vulnerability is found by a hacker, he normally follows a responsible disclosure protocol.

The vendor is informed, time is given to create a patch/update/inform customers, and additional time for all affected users to upgrade their systems. Only then are full details about the vulnerability released, and often after that time the vulnerability is widely used to attack systems. (As now other people also have knowledge about the details to create exploits.)

When the details of the vulnerability, or an exploit, are immediately released, there has been no time (zero days) to remediate the issue. As nobody is fully protected, these zero days are extremely disruptive.

More generally, the term zero day is also used for recent vulnerabilities for which there is no patch available (yet).