-
October and beginning of November, 2020 saw Google urgently patching 2-zero day vulnerabilities in Chrome.
-
Microsoft’s November 2020 Patch Tuesday fixes zero day bug in Windows 10.
Origin of the Term Zero Day
In the 1990’s, there was a software piracy scene that was called the ‘warez’ scene. It was groups of people that shared commercial software illegally using modems. The scene still exists today but uses BitTorrent and other more modern technologies. Back then, modems were slow and transferring pirated software took a long time.
The software would be posted to bulletin boards for members to download. It would be categorized into ‘Days’. One Hundred Day would mean that 100 days have elapsed since the software was released to the public. ’30 Day’ would mean 30 days have elapsed, so software in this category was newer.
The most sought after was ‘Zero Day’. This was software that had not yet been released to the public. Often this software was acquired by hacking into a company’s network and stealing their unreleased software, or by an insider who stole the software before release. For this reason the hacking and warez scenes were closely linked.
Modern Meaning of Zero Day
The modern security industry has borrowed the term ‘zero day’ from the 1990s warez scene to indicate a security hole in software, where the vendor of that software has had ‘zero days’ to fix the problem. So, for example if you have a ‘zero day’ vulnerability in Adobe Flash, it means that Adobe has not yet been made aware of the security problem and there are likely millions of people running a version of Adobe Flash that has this security hole.
Today when speaking in person to security professionals you’ll often hear them pronounce ‘zero day’ as 0Day which is pronounced ‘Oh Day’.
Forever Day
A “forever day” vulnerability is one where the vendor won’t fix the vulnerability. This usually happens because the vendor or original author is no longer maintaining the software. They may no longer be in business or the author may have moved on and abandoned the project.
You can avoid ending up with Forever Day vulnerabilities in your systems by using software that is actively maintained.
This Article Was Written & published by Meena R, Senior Manager - IT, at Luminis Consulting Services Pvt. Ltd, India.
Over the past 16 years, Meena has built a following of IT professionals, particularly in Cybersecurity, Cisco Technologies, and Networking...
She is so obsessed with Cybersecurity domain that she is going out of her way and sharing hugely valuable posts and writings about Cybersecurity on website, and social media platforms.
34,000+ professionals are following her on Facebook and mesmerized by the quality of content of her posts on Facebook.
If you haven't yet been touched by her enthusiastic work of sharing quality info about Cybersecurity, then you can follow her on Facebook:
Click Here to follow her: Cybersecurity PRISM