What is a zero-day vulnerability?
A zero-day vulnerability exploits an unknown flaw in software and applications — a flaw that developers have not yet had a chance to fix or patch. Zero-day attacks occur during the vulnerability window that exists in the time between when vulnerability is first exploited and when software developers release a fix. This window can last days, weeks or even months.
The majority of malware infections are a direct result of exploitation of known and zero-day vulnerabilities. Malware writers use zero-day vulnerabilities to compromise attacked systems or steal confidential data such as banking passwords and personal identity information.
Zero-day vulnerabilities pose a serious security risk. The unexpected nature of zero-day threats is a serious concern, especially because they may be used in targeted attacks and in the propagation of malicious code.
Most zero-day vulnerabilities are caused by poorly-written code. Hackers that uncover such vulnerabilities can sell them to hackers who can do some serious damage. The most exploited applications are web browsers, Adobe Acrobat, Adobe Flash, Java and MS-Office (Excel, Word, PowerPoint and Outlook). Most exploits are designed to propagate faster and infect larger numbers of systems.
Businesses can mitigate the damage of zero-day attacks by implementing security best practices, such as:
- Use a virtual LAN to protect content during data transmissions
- Deploy security patches on all endpoints and keep it updated
- Block potentially harmful email attachments
- Be sure your firewall uses stateful inspection
- Deploy inline intrusion-prevention systems (IPS) that offer comprehensive protection
- Use network access controls to prevent rogue machines from gaining network access
- Secure wireless access point and implement a wireless security scheme
- Your IT team should continually monitor evolving threats
- Enlist the help of security experts to protect your network against known and unknown vulnerabilities
- Limit network access to those required for business needs
- Create a security aware culture among your employees
Well-planned incident-response measures, with defined roles and procedures including prioritization of mission-critical activities, are crucial to minimizing the business damage. ACE IT Solutions’ Managed Security Services, offered in partnership with IBM, provide a simple and cost-effective way to limit and mitigate security threats 24×7.