- CNET NETWORKS UK BUSINESS SITES:
- atlarge.com
- BNET UK
- silicon.com
- SmartPlanet.com
- ZDNet.co.uk
Got the Love Bug? Scared of spyware? Read all about what's keeping techies awake at night...
Published: 14 November 2006 12:30 GMT
Zero-day
Zero-day is a high alert label. It's used to refer to the fact a bug in a piece of software has been unearthed and is at risk of being exploited by hackers before a patch to fix it is available.
A full-blown attack against an unpatched flaw may even be underway - a zero-day exploit and a zero-day attack have both surfaced recently.
Security from A to Z
Click on the links below to find out more...
A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day
The result of any zero-day alert is a scramble to get a patch out fast.
If the security risk is particularly critical, a third-party security company may step in and issue an unofficial quick-fix interim patch which users can download and install for temporary protection until the bona fide fix is available.
Back in September, the aptly named Zeroday Emergency Response Team, or Zert, released a quick-fix for an Internet Explorer flaw. Microsoft got its own patch out a few days later - slower than Zert but still ahead of Patch Tuesday, its regular monthly patch-issuing day.
Another issue here is with disclosure – when knowledge of vulnerabilities becomes public domain (and hackers and security professionals know the race is on). Responsible disclosure will typically involve security researchers informing the company whose software is vulnerable what flaw they have found. Irresponsible disclosure will see a vulnerability discovered and its details posted online or otherwise revealed in a public forum.
The line between the two is not always so clear though, and improper disclosure could often be responsible for this zero-day lag between vulnerability discovery and patch availability.
Previous
Page 27 of 27
The Senior Medical Writer will: * Produce high quality scientific copy for a wide variety of medical communication products, including manuscripts, ...
A highly successful Investment Bank is seeking a strong Oracle Application Architect to come on board and work on numerous greenfield projects ...
Are You a VB.Net developer? Want to working with .Net 2? Want to work on complex Win and Web Applications? Working in a Rapid-Application-Development ...
CIO Agenda 2008
The exclusive silicon.com CIO Agenda 2008 survey looks at the CIO's tech shopping list for the year, examines whether IT budgets are rising or falling and reveals what the pain points are for tech chiefs this year. Find out more in our latest special report.
Staffing Service Coordinates Sales Activities, Utilizes Business Intelligence With...
Teachers Association Turns to Centralized Data Repository to Improve Member Service
Financial-Software Leader Credits Productivity Boost, Reduced IT Costs to 2007 Software
United States Coast Guard Explores Potential to Enhance Training With Digital Note-Taking...
Stories from the web...
Copyright ©1995-2008 CNET Networks, Inc. All rights reserved. Top of page
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
RSS Feeds
silicon.com Dear silicon.com... XP lives, the femtocell 'truth', BlackBerry bashing… Reader Comments of the Week
Martin Brampton The Brampton Factor: Open source 'brotherhood' closed to co-operation Where's the real sharing?