Dresner Group Blog
A Zero-Day Vulnerability Doesn’t Mean Zero Options
A zero-day attack is particularly dangerous because it occurs before the software or hardware vendor is aware of the flaw being exploited. The exploit targets a vulnerability hidden in the code, unknown to the vendor, but somehow found by hackers. This means that there is no patch available to prevent the attack from occurring until the attack is already in progress. In other words, you have “zero days” from the time the vulnerability is discovered to protect against the attack: once the exploit is triggered, it’s already too late.
A zero-day attack can find its way onto your computer in a variety of ways, but no matter what form it takes, the goal of the exploit is to inject malicious code into your system. This intrusion can compromise your computer, allowing the hacker to co-opt it for their own nefarious needs. Some examples of how a zero-day exploit can reach your systems are:
- Web Browser: If there is an exploitable flaw in your web browser or a web extension, an infected website can use your web browser as a way to gain access to your computer. You don’t even have to click on a link; just visiting an infected website can be enough to spread the malware. One common extension used to gain access to computers was Adobe’s Flash Player. Since its release, there have been over 1,000 exploits found in Flash. Is it any wonder some web browsers either don’t support it or highly recommend the user doesn’t install it?
- Poorly Written Software: With the extensive and continuously growing amount of software, it is little wonder some of it doesn’t follow best practices. While it may not be deliberate, the resulting lack of standards and quality control allows hackers to find an exploit and compromise a computer that has the software installed on it. While this is mainly a risk associated with shareware or freeware, there is plenty of paid software which just isn’t written carefully enough.
- Email: This is one of the primary ways your computer can be compromised, not only by a zero-day attack but by a myriad of others as well. The best way to prevent this from occurring is to follow best practices regarding opening attachments. Remember, if you open an attachment containing a zero-day exploit, there is nothing to stop the attack from happening until the vendor releases a patch, a patch which, depending on the age of the software or hardware, may never come.
Closing the Window
A vulnerability window is the time between the exploit being released and the patch being administered to close it. How fast the patch is delivered can have a significant effect on how ingrained the malware becomes in “the wild” and on users’ systems. While the vulnerability can’t be stopped, in many cases its damage can be mitigated by using best practices for cybersecurity:
- Ensure your firewall is up to date, protecting your network and reducing opportunities for cross-contamination.
- Keep your antivirus software up to date.
- Check your browser settings to control how much access your extensions have.
- Wait before installing newly released software to give the early adopters the opportunity to find any bugs.