A zero-day vulnerability is a software security flaw that is unknown to the company that created the software and therefore has no patch or fix available yet.
The term “zero-day” refers to the fact that developers have had zero days to address the vulnerability once it becomes known.
Because the flaw is undiscovered by the software vendor, attackers who find it can exploit the vulnerability before a fix is created and distributed.
Why Zero-Day Vulnerabilities Are Valuable
Zero-day vulnerabilities are extremely valuable because they can bypass many security protections. Since no patch exists, traditional defenses such as antivirus software or intrusion detection systems may not recognize the attack.
These vulnerabilities are often used by:
• Government intelligence agencies
• Advanced cyber-espionage groups
• Commercial spyware developers
• Highly skilled cybercriminal organizations
Some zero-day vulnerabilities have reportedly sold for hundreds of thousands or even millions of dollars on private exploit markets.
Lifecycle of a Zero-Day
A typical lifecycle includes:
- A vulnerability is discovered.
- Attackers secretly exploit it.
- Security researchers eventually detect it.
- The vendor releases a patch.
- The vulnerability becomes a known issue.
Once a patch is released, the vulnerability is no longer considered a zero-day.