What does Zero-day vulnerability mean
What does Zero-day vulnerability mean - When a programmer builds a large software with lines of coding, there remain a flaw or hole under which hackers inject malicious codes to manipulate the whole software. Here we will focus on Zero-day vulnerability concept relying mostly on security purpose. A Zero-day vulnerability is a flaw in a software program which cannot be fixed or patched due to unawareness of software developer.
Since the developer has zero days by the time flaws are discovered to protect against the possible attack. If a developer discovers a zero-day vulnerability, it would scramble to correct the flaw and might release update of the software to patch the hole. If in case vulnerability is exploited by the hackers before correction, such attack is called as Zero-day exploit or zero-day attack. Usually Zero-day attacks results in stealing user personal data, remote access to computer and other malicious purposes.
Many possible programs and team were made to track the flaws in software in order to protect it from malicious attacks. In 2014, Google made a team called Project Zero, whose mission was to identify and report flaws in mostly used programs before they can be exploited for malicious purpose. In 2013, the zero-day vulnerability was reported by "White hat – a hacker who do not hack for misleading" to software developer.
Likewise, zero-day vulnerability was seen in 2014 when Russian hackers were found in exploiting a zero-day vulnerability to hack JP Morgan computer systems and other four US financial institution.
In April 2014, a bug known as Heartbleed was used to secure traffic between web servers and computer providing maximum of two years of service. During its first intro, programmer was confused whether this flaw had been exploited. But now it is believed to be the source which is affecting about 4.5 million patient records in the country.