(410) 531-6727

Blog

  2. Home
  3. Blog
  4. Michael Deskin
  5. A Zero-Day Vulnerability Doesn’t Mean Zero Options

Dresner Group Blog

Our technology blogs feature IT tips and best practices for businesses in Columbia, Baltimore, Bel Air and in and about Maryland since 2002.
Categories
Tags
Categories:   All Categories
Suggested keywords
x

A Zero-Day Vulnerability Doesn’t Mean Zero Options

zero day vulnerability

A zero-day attack is particularly dangerous because it occurs before the software or hardware vendor is aware of it. This exploit is a vulnerability hidden in the code, unknown to the vendor, but somehow found by hackers. This means that there is no patch available to prevent the attack from occurring until the attack is already in progress. In other words, you have “zero days” from the time the vulnerability is discovered to protect against the attack: once the exploit is triggered, it’s already too late.

A zero-day attack can find its way onto your computer in a variety of ways, but no matter in what form it presents itself, the goal of the exploit is to inject malicious code into your system. This intrusion can compromise your computer, allowing the hacker to co-opt it for their own nefarious needs. Some examples of how a zero-day exploit can reach your systems are:

Web Browser: If there is an exploit in your web browser or a web extension, an infected website can use your web browser as a way to gain access to your computer. You don’t even have to click on a link, just visiting an infected website can be enough to spread the malware. One common extension used to gain access to computers was Adobe’s Flash Player. Since its release, there have been over 1,000 exploits found in Flash. Is it any wonder some web browsers either don’t support it or highly recommend the user doesn’t install it?

Poorly Written Software: With the extensive and continuously growing amount of software, it is little wonder some of it doesn’t follow best practices. While it may not be deliberate, the resulting lack of standards and quality control allows hackers to find an exploit and compromise a computer which may have the software installed on it. While this is mainly a risk associated with shareware or freeware, there is plenty of paid software which just isn’t written carefully enough.

Email: This is one of the primary methods your computer is compromised. Not only from a Zero Day attack but a myriad of other ones as well. The best way to prevent this from occurring is to follow best practices regarding opening attachments. Remember, if you open an attachment containing a zero-day exploit, there is nothing to stop the attack from happening until the vendor releases a patch, a patch which--depending on the age of the software or hardware--may never come.

Closing the Window
A vulnerability window is the time between the exploit being released and the patch being administered to close it. Depending on how fast the patch is delivered can have a significant effect on how ingrained the malware becomes in “the wild” and on user’s systems. While the vulnerability can’t be stopped, in many cases their damage can be mitigated by using best practices for cybersecurity.

  • Ensure your firewall is up-to-date and protecting your network and reducing opportunities for cross-contamination.
  • Keep your antivirus software up-to-date
  • Check your browser settings to control how much access your extensions have
  • Wait before installing newly released software to give the early adopters the opportunity to find any bugs.
The best defense against any type of cyberattack is preparation. Dresner Group offers a wide range of IT Security Solutions, for more information about protecting your business and its data, give us a call at 410-531-6727.
Tags:
Network Security Hackers Vulnerability
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

Fingers Crossed! The Robocalls May Soon Stop
You May Be Surprised What You Are Missing Without ...

About the author

Michael Deskin

Michael Deskin

Michael Deskin joined Dresner Group, a leading technology provider of managed network and security services, in 2004 as a firm principal. Since that time, Dresner Group has continued to grow while gaining recognition for helping local businesses solve their IT issues so they could become more profitable and successful. Today, Michael oversees Dresner Group’s strategic vision, operational goals and business development efforts.

Michael has served on the Board of Directors for Associated Builders and Contractors, Association of Community Services for Howard County Maryland and other local community organizations. He is an active member is his local community and enjoys spending his spare time with his wife and four growing boys.

Author's recent posts

More posts from author
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Friday, 26 April 2024

Captcha Image

Client Service Login

Latest News & Events

Dresner Group Announces Sponsorship of ABC Joint Tech Summit
Columbia, MD - Dresner Group is proud to announce its sponsorship of the upcoming ABC Joint Tech Summit, a premier event hosted by the four local chapters of the Associated Builders and Contractors (ABC). The summit, spanning two days, will be held o...
Read More

Contact Us

Learn more about what Dresner Group can do for your business.

Copyright Dresner Group. All Rights Reserved.

Clicky