Zero-Day Exploits

A zero-day vulnerability is a vulnerability that the application author has not yet become aware of.

Major software vendors issue frequent security updates to patch known vulnerabilities. If a vulnerability is discovered by someone other than the program's author, attackers can exploit the weakness before a patch can be issued. (Thus, the author has had "zero days" to prepare themselves.)

Zero-day exploits are an example of why it is important to practice defense in depth, since you are immediately vulnerable once a zero-day is discovered in any software you use. Ways to mitigate this kind of vulnerability include:

  • Minimizing information leakage, so you are not advertising your tech stack to attackers.
  • Following the principle of least privilege, so the impact of attacks is limited.
  • Making sure to run up-to-date anti-virus and firewall software, if you host your own servers.
  • Keeping on top of security advisories for your technology stack.
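
The first mitigation in the list can be checked mechanically. The Python below is an added example, not part of the original page: it audits a raw HTTP response head for headers that name the server product or its version. The header list, function names and sample responses are assumptions constructed for illustration.

```python
import re

# Response headers that commonly name the server product, framework or runtime.
# This list is an assumption made for the example.
DISCLOSING_HEADERS = {"server", "x-powered-by", "x-aspnet-version",
                      "x-aspnetmvc-version", "x-generator"}

# A dotted version number such as 1.18.0 or 4.0.30319.
VERSION_RE = re.compile(r"\d+(?:\.\d+)+")


def parse_headers(raw):
    """Parse a raw HTTP response head into a list of (name, value) pairs."""
    lines = raw.replace("\r\n", "\n").split("\n")
    headers = []
    for line in lines[1:]:          # skip the status line
        if not line.strip():
            break                   # a blank line ends the header block
        name, sep, value = line.partition(":")
        if sep:
            headers.append((name.strip(), value.strip()))
    return headers


def audit_headers(raw):
    """Return (header, value, level) findings for stack-disclosing headers.

    level is 'version' when the value carries a version number and
    'product' when only a product name is exposed.
    """
    findings = []
    for name, value in parse_headers(raw):
        if name.lower() not in DISCLOSING_HEADERS or not value:
            continue
        level = "version" if VERSION_RE.search(value) else "product"
        findings.append((name, value, level))
    return findings


# Constructed sample responses (not captured from a real host).
NOISY = ("HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\n"
         "X-Powered-By: PHP/7.4.3\r\nContent-Type: text/html\r\n\r\n<html>")
PARTIAL = "HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: text/html\r\n\r\n"
CLEAN = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"

if __name__ == "__main__":
    for label, raw in (("noisy", NOISY), ("partial", PARTIAL), ("clean", CLEAN)):
        print(label, audit_headers(raw))
```

A 'version' finding is the one to remove first, since an exact version lets anyone match your server against a newly published advisory.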