A zero-day vulnerability is a software flaw for which no patch or fix is available, usually because the software vendor is unaware of the vulnerability.
The term “zero-day vulnerability” comes from the fact that developers have “zero days” to protect against cyberattacks once the flaw has been discovered.
Once a flaw is discovered in software, developers rush to release an update containing the necessary patch. But if the flaw is discovered by attackers and used to exploit the system, the resulting attack is called a “zero-day attack” or “zero-day exploit”.
To minimise the risk of vulnerabilities, software vendors release patches on a regular basis. For example, Microsoft has “Patch Tuesday”, on which the company releases patches every second or fourth Tuesday of every month in North America.
According to a report submitted by Symantec in 2014, a total of 23 zero-day vulnerabilities were discovered in 2013, the highest number of zero-day vulnerabilities in history.
The famous “Heartbleed bug”, a zero-day vulnerability in the OpenSSL encryption library, which is the most widely used implementation of the Transport Layer Security (TLS) protocol, was discovered in April 2014. As of 2014, around 1,200,000 of the most popular TLS-enabled websites were vulnerable to the Heartbleed bug.
According to a leading security expert, the personal data of around 4.5 million healthcare patients was compromised because of the Heartbleed bug. OpenSSL is used by computer operating systems, instant messaging systems, browsers and other software products to protect sensitive data. A fix was made at the time, and software vendors were advised to apply it.
Traditionally, antivirus software relies on malware signatures to detect viruses. Since no signature exists beforehand in the case of a zero-day attack, this approach is not effective against it. Most modern antivirus products still use the signature approach but also use other types of analysis.
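
The gap between signature matching and other analysis can be seen in a small scanner. The following is an added example, not code from any antivirus product: the sample byte strings are constructed stand-ins, and the entropy check with its 7.2 threshold is an assumed illustration of one "other type of analysis".

```python
import hashlib
import math
from collections import Counter

# Constructed stand-ins for file contents; none of this is real malware.
KNOWN_SAMPLE = b"constructed sample already catalogued by the vendor"
UNSEEN_SAMPLE = bytes(range(256)) * 16  # never catalogued, looks packed or encrypted
BENIGN_TEXT = b"Quarterly report: revenue grew in every region this year.\n" * 40

# Signature database: SHA-256 digests of samples the vendor has already analysed.
SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}

ENTROPY_THRESHOLD = 7.2  # assumed cut-off in bits per byte; real engines tune this


def signature_match(data: bytes) -> bool:
    """True only if this exact content was seen and catalogued beforehand."""
    return hashlib.sha256(data).hexdigest() in SIGNATURES


def shannon_entropy(data: bytes) -> float:
    """Bits per byte, from 0.0 (one repeated byte) to 8.0 (uniform)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum((n / total) * math.log2(n / total) for n in Counter(data).values())


def scan(data: bytes) -> str:
    """Layered verdict: signature lookup first, then the entropy heuristic."""
    if signature_match(data):
        return "blocked: known signature"
    if shannon_entropy(data) >= ENTROPY_THRESHOLD:
        return "flagged: high entropy, no signature"
    return "clean"


if __name__ == "__main__":
    samples = [("known", KNOWN_SAMPLE), ("unseen", UNSEEN_SAMPLE), ("benign", BENIGN_TEXT)]
    for name, blob in samples:
        print(f"{name:7} signature={signature_match(blob)!s:5} "
              f"entropy={shannon_entropy(blob):.2f} -> {scan(blob)}")
```

The unseen sample passes the signature lookup untouched and is caught only by the heuristic, which flags rather than blocks because legitimate compressed or encrypted files also score high.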