Every now and then, you may run across the term “0-day (zero day) exploit.” What does this mean and what can you do about it?
What is 0-day?
0-day refers to an exploit, hole, or ability to hack a software program that has not yet been fixed. It could be a program on your computer, like Internet Explorer, or a piece of hardware you have never heard of like Cisco IOS. Anything that runs software could be subject to an attack.
What can I do about it?
Avoiding the problem program is the best thing you can do. Unfortunately, this isn’t always a solution. Because there is no patch for this type of problem, you can only work around the problem. For example, if a 0-day exploit is found in Internet Explorer, you might consider using Google Chrome until a patch is released.
Where do I find out about these?
For anyone curious about computer security, but not for the faint of heart, start with the ISC Handler’s Diary. They detail current threats, but does contain information directed at computer professionals. You can also check out the Zero Day Initiative, a project headed-up by TippingPoint.