Zero Day Attack
When someone discovers a product vulnerability and publicly discloses it without first notifying the vendor who markets the product, this is called a zero day attack (technically, it's not an attack until an exploit is released, but once the vulnerability is announced, exploits often quickly follow). The term zero day is used because there is zero time between the discovery of the vulnerability and public knowledge of that vulnerability: zero time for the vendor to release a patch and zero time for users to download and install a patch.
Such disclosure is seen by many as irresponsible; the vendor should be notified and given time to develop a patch against the vulnerability so that users are less at risk when the vulnerability is made publicly known.
Responsible disclosure is the goal of the Zero Day Initiative. People who find a vulnerability should report it to the Zero Day Initiative, which will then verify it and inform the vendor. When a patch is available, the vulnerability will be made public. A reward may be paid to those who correctly identify and report a vulnerability.
Last Changed: Friday, January 27, 2006
