Jump to content

Zero-day attack

Add links
From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Alkivar (talk | contribs) at 23:29, 15 December 2005 (rv, lastest). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Zero day or 0day refers to software, media, or information that is obtained either slightly prior to or on the day of the official release. Items gained further in advance are deemed "Negative day" or sometimes "-day".

Zero day warez

When applied to copyrighted works such as computer software, motion pictures, and musical recordings, zero day has connotations of illegality. Zero day software is warez, that is, infringing items. The term derives from the day when the software is illegally available. Counting from zero, software that is illegally available on the day of its release is available on the zeroth day, hence the term. Similarly, one can refer to one day, two day, etc., software. One can also refer to negative day software for software that is illegally available before its official release, but such software may also be referred to as zero day. These packages are more likely to be containers for illegal software, and contain cracked, bogus, or randomized software. These packages can be viewed in torrent sites.

Zero day vulnerabilities

When applied to information, zero day usually means information that is not publicly available. This is often used to describe security vulnerabilities exploits which are unknown to computer security professionals. These are, figuratively speaking, the system administrator's worst nightmare: Since the attack is completely unknown to the public it is impossible to defend against, and consequently it may happen that an entire network is taken over before the administrator has a chance to respond.

Zero-day protection is the ability to provide protection against zero-day exploits. Typically this involves heuristic termination analysis, such as some sort of sniffer which would detect buffer overruns and other common exploits, stopping them before they actually caused any harm. However, a perfect solution of this kind is impossible, since it is computationally infeasible in the general case to analyze any arbitrary code to determine if it is malicious, as such an analysis reduces to the halting problem over a linear bounded automaton. Alternatively, some vendors utilize zero-day purchasing programs to provide protection against issues prior to their becoming public knowledge. An example of such a program is TippingPoint's Zero Day Initiative.

The term 'zero day exploits/vulnerabilities' is sometimes (mis)used to indicate publicly known exploits/vulnerabilities for which no patches yet exist.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Zero-day_attack&oldid=31537081"