Yesterday, I heard four different people use the term “Zero Day Attack”.  Strangely, only two were in the information technology business.  I figured that it was time to explicitly discuss its meaning.image

The Information Technology (IT) Vocabulary Builder series aims to deliver a very concise summary of a currently relevant topic to Information Professionals.  It is done mostly by collecting a small number of highly relevant web links to save you the time of combing through search results yourself.  

So, what exactly is a “Zero Day Attack”?

This is how Wikipedia defines it:

“A zero-day (or zero-hour or day zero) attack or threat is a computer threat that tries to exploit computer application vulnerabilities that are unknown to others, undisclosed to the software developer, or for which no security fix is available. Zero-day exploits (actual code that can use a security hole to carry out an attack) are used or shared by attackers before the software developer knows about the vulnerability.

The term derives from the age of the exploit. When a developer becomes aware of a security hole, there is a race to close it before attackers discover it or the vulnerability becomes public. A "zero day" attack occurs on or before the first or "zeroth" day of developer awareness, meaning the developer has not had any opportunity to distribute a security fix to users of the software.”

Please understand that I am not condoning, approving, or commenting on the morality of this issue, just pointing out a popular word that should be understood by all Information Technology Professionals.

Here are some other great sites that discuss this issue:

I hope that helps you.  Enjoy the new word!

That is my Information Technology Thought of the Day (ITTOD) for March 16, 2010 ©Scott Coughlin.

Image Credit: The Toilette Paper Entrepreneur

Be Sociable, Share!

No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.