Zero-day is a term used to refer to a computer security vulnerability that is known to computer hackers, particularly those of the black hat variety, but is yet to be known by software companies and manufacturers. The term “zero-day” refers to the zero days that have passed since the vulnerability was discovered.
The concept of a zero-day vulnerability is used by black hat hackers to exploit software before the software can be patched or otherwise secured against exploitation. Hackers may use the information that they can gain through the exploitation of zero-day vulnerabilities to gain access to a computer system without being detected.
The threats that come with zero-day vulnerabilities have been a major concern for software companies and computer security researchers alike. In an effort to make sure that these types of vulnerabilities are discovered and patched quickly, security researchers often publish identifying information about the vulnerability as soon as possible, allowing software companies to create and release patches for the vulnerability as soon as possible.
In recent years, software companies have begun to employ measures to protect from zero-day vulnerabilities as part of their security protocols. Examples of such measures include the incorporation of sandboxing and virtual machine technologies, as well as various anti-virus and malware scanning tools.
