What is a zero day attack?
A zero day attack is a cyber attack that takes advantage of an unknown or unpatched vulnerability for the first time. This could mean that the vulnerability is completely new and that no one was aware of it previously. Or, it could mean that the vulnerability was known, but there was no known way to exploit it, so it wasn’t considered a cyber security risk and prioritized for a patch.
Examples of zero day attack (also called zero day exploits) are:
- New or previously undetected malware (including ransomware).
- A known vulnerability that had never previously been exploited (zero day vulnerability).
- An unknown vulnerability that is exploited.
Once an organization or software provider releases a patch for the vulnerability, it is no longer called zero day. It is possible to have a zero day vulnerability that has never been used for an attack and even that it is unknown how it could be used to exploit a system.