Question: What is a zero-day exploit or threat?

Answer:

You will see articles in the press about new zero-day exploits, which are a type of cyber threat. The term zero-day exploit does not tell us what type of threat it is, but how long it has been known and whether defenses are available for it. In the cybersecurity world, new vulnerabilities are continuously being discovered in all types of software. Often, by the time they are publicized, the publishers of the software have already known about the threat and published patches for it, or know that a patch they already have out there will fix the vulnerability. However, zero-day exploits are a stronger threat. A zero-day exploit is a vulnerability that was just discovered (or became known outside a group of hackers) and for which no patch has been made yet. This means that, now that it has been released, it is available for every other threat agent to take advantage of on any computer running that version of that software. Software organizations will immediately start working on a patch to stop the vulnerability, depending on the level of threat it is. Sometimes these are very severe threats. You will see stories on the bigger ones in the popular press. It is called a zero-day threat/exploit because it has been essentially zero days since it was discovered, which means zero days that they have had to develop a patch. In practice, it will stay a zero-day exploit for a number of days until a patch is developed.

Remember that developing a patch is not just a matter of writing a fix for this specific threat. The patch must be tested quickly to make sure that it does not cause other vulnerabilities, and that is not easy to do quickly in large, complex programs like Windows, which has millions and millions of lines of code that are all interdependent. The second part of testing is to make sure that the patch does not cause the software to stop working correctly. There are lots of zero-day threats/exploits, and your security software will often tell you about them as well. However, the biggest thing to know is that when patches come out for zero-day threats, it is important to install them on your machine, as threat agents will be using those vulnerabilities extensively then, since they are a known open door into lots of people’s systems.

Send your questions about computers to me at the paper or to my e-mail, dwight@dwightwatt.com, and tell me you read this in this paper. I will pick a question to answer each week.

Dwight Watt does computer work for businesses, individuals and organizations and teaches about computers at a technical college in northwest Georgia. His webpage is www.dwightwatt.com. His e-mail address is dwight@dwightwatt.com.