What is Zero-Day Vulnerability (ZDV)?


12:04 PM

1 min read
What is Zero-Day Vulnerability (ZDV)? Blog Image


Google Chrome has been hit with another zero-day vulnerability, which has set the alarm bells ringing among users and cyber experts.

About Zero-Day Vulnerability:

  • A ZDV is a system or software vulnerability unknown to the vendor and for which no patch or means of mitigation are available at the time it is discovered
  • The term ZDV refers to the flaw itself, while zero-day attack refers to an attack that has zero days between the time the vulnerability is discovered and the first attack. 
  • Zero-day exploit refers to the method or technique hackers use to take advantage of a ZDV, often via malware, and execute the attack.
  • Thus, a zero-day attack occurs when threat actors develop and release malware that targets the ZDV. 
  • Because they were discovered before security researchers and software developers became aware of them—and before they can issue a patch—ZDVs pose a higher risk to users for the following reasons:
    • Cybercriminals race to exploit these vulnerabilities to cash in on their schemes.
    • Vulnerable systems are exposed until a patch is issued by the vendor.

Once a ZDV has been made public, it is known as an n-day or one-day vulnerability.

Q1: What is Malware?

Malware, or malicious software, is any program or file that is intentionally harmful to a computer, network or server. Types of malware include computer viruses, worms, Trojan horses, ransomware and spyware.

Source: Indian Govt Warns About Major Google Chrome Security Alert: What You Need To Know