A zero-day (or zero-hour) attack or threat is a computer threat that tries to exploit computer application vulnerabilities that are unknown to others (including the vendor), or for which no security fix is currently available. Zero-day exploits are used, and/or shared by the attackers and unaware users, before the software vendor knows about the vulnerability.
The term derives from the age of the exploit. When a software vendors become aware of such a security hole, there is a race to fix it before attackers discover it or the vulnerability goes public. A "zero day" attack occurs on or before the first or "zero" day of vendor awareness, thus the vendor has not had any opportunity to disseminate a security fix to users of the software.
Usual methods of malware is to over-run buffer memory (or heap memory) when hacked data is loaded, allowing arbitrary code to be implanted on system that can cause the operating system to crash or security to be breached. Exploiting this type of flaw is usually operating system/application specific.
IBM Sponsored Resources
Resources from our Sponsor
- Oracle Exadata vs IBM: Netezza Compared
- Forrester TEI Report
- CIA Whitepaper
- Harnessing the Power of Advanced Analytics
- Tapping into Unleashed Business Potential with Advanced Analytics
- Unlock Analytic Performance with Revolution R for Enterprise and IBM: Netezza Data Warehouse Appliance
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
