Zero Day
Definition
A Zero-Day refers to a software vulnerability that is unknown to the vendor and has no available patch, leaving systems exposed to exploitation.
Examples
- An attacker discovers an unpatched flaw in a web browser and uses it to execute malicious code remotely.
- A zero-day vulnerability in a popular file-sharing app is exploited to steal data before the company is even aware of the issue.
Overview
A Zero-Day refers to a software vulnerability that is discovered by attackers before the vendor or developer becomes aware of it. Since the vendor has had zero days to develop and release a fix, these vulnerabilities pose a serious risk. Attackers who exploit zero-day flaws can compromise systems without being detected or blocked by traditional defenses.
Zero-days are especially dangerous because they catch both users and defenders off guard. Until a patch is released and deployed, there’s often no guaranteed way to fully mitigate the risk. This makes zero-day exploits highly valuable to cybercriminals, nation-state actors, and even cybersecurity researchers who may report them responsibly.
Tip: The interactive version includes progress tracking, decks, and premium deep dives.