Zero Day Exploit

Category: Security

Recently, the Mozilla Foundation and Adobe Corp. were hit by zero-day exploits launched by organized groups of hackers. The term zero-day sounds sinister and dramatic, but what does it mean? Find out now…

What is a Zero-Day Exploit?

Very simply, a zero-day exploit is a hacker attack that takes advantage of a security vulnerability in a piece of software on the same day the software developer becomes aware of the vulnerability. In other words, the developer literally has zero days in which to come up with a fix. Let's look at these two recent examples to see why zero-day exploits make headlines.

In Mozilla's case, hackers discovered a Javascript programming flaw that allowed them to redirect visitors trying to access the Nobel Prize Web site to another site, which downloaded a Trojan program to the redirected visitors. The Trojan installed itself on infected computers and attempted to connect to two servers in Taiwan. If the connection succeeded, the owners of those servers would gain complete control over the infected computers. That's pretty scary!

Adobe was luckier. A "white hat" hacker discovered the flaw in Adobe's popular Shockwave animation software and simply demonstrated what he could do if he was a bad guy or "black hat". Visitors to a Shockwave animated Web page unexpectedly found their Windows Calculator accessory popping open. But the vulnerability could have been used to infect a computer with something like the Firefox Trojan.
zero-day exploit

What's really interesting is the difference between the responses of Mozilla and Adobe. The Mozilla team released a patch that was automatically installed on affected versions of Firefox within 24 hours of learning about its zero-day vulnerability. Adobe simply advised everyone to "exercise caution" with Shockwave Web pages, and said it is "currently working on determining the schedule for an update to address this vulnerability."

Should I Panic?

A zero-day exploit seldom results in widespread mass infections of computers with malware. Security researchers - "white hats" like the Firefox trickster - detect many vulnerabilities before hackers do, and responsible companies patch vulnerabilities quickly. But some zero-day exploits go unpatched much longer, and that can be a problem as more and more malware is released to exploit the vulnerabilities.

Don't panic when you read that a "new zero-day exploit has been detected" in any program you use. Just learn how the exploit works and avoid it. That may mean not using a particular program, not clicking on email attachments; avoiding unknown Web sites and those known to be compromised by the exploit.

Check for patches at software developers' Web sites as soon as you learn about zero-day exploits. Not every developer pro-actively distributes patches as Mozilla did to Firefox users. You may have to find, download, and install a patch yourself.

Subscribe to automatic installation of at least "critical security updates" for your operating system and application software, if they're available. Use anti-malware software to constantly monitor your computer and its incoming Internet traffic for suspicious activity or software code.

Another good idea is to scan your software for vulnerabilities using the Secunia Personal Software Inspector (PSI). This free program will tell you which programs need updating and provide links to sites where you can download patches.

A zero-day exploit is simply a newly discovered threat, a possible avenue of attack. It is not an actual attack. As the ancient Romans said, "Our fears always outnumber our dangers."

Do you have something to say about zero-day exploits? Post your comment or question below...