Understanding Zero-Day Vulnerability

Jan 16, 2015   //   by nick   //   Blog, Internet Security  //  No Comments

What is a Zero-Day Vulnerability?

A zero day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it—this exploit is called a zero day attack. Uses of zero day attacks can include infiltrating malware, spyware or allowing unwanted access to user information. The term “zero day” refers to the unknown nature of the hole to those outside of the hackers, specifically, the developers. Once the vulnerability becomes known, a race begins for the developer, who must protect users.

In order for the vendor to rectify the vulnerability, the software company must release a patch. Often patches are released on a regular basis, one example being Microsoft’s Patch Tuesday. On the second Tuesday of each month, Microsoft releases security fixes that resolve identified holes. If however a critical vulnerability is discovered, a patch may be released outside of schedule.

Browsers are similarly vulnerable and it’s a good idea to keep your browser updated for added security as well as features. To check if any updates are available for your browser of choice, open the browser and click either “Help” or the browser name, depending on which browser you’re using. A quick online search will provide step-by-step instructions. Alternately, you could set up automatic updates, again, depending on browser. Here is an example of Google Chrome.

Update Google Chrome

To make sure that you’re protected by the latest security updates, Google Chrome can automatically update if it detects that a new version of the browser is available.

Keeping Chrome updated
Learn about what happens when Chrome updates to a new version.

Check for an update manually and see the current browser version

Click the Chrome menu Chrome menu on the browser toolbar and select About Google Chrome. The current version number is the series of numbers beneath the “Google Chrome” heading. Chrome will check for updates when you’re on this page. Click Relaunch to apply any available update.

When are updates available

Normally updates happen in the background when you close and reopen your browser. However, if you haven’t closed your browser in a while you might see the Chrome menu on the browser change colors to green Update Chrome, orange Sync error, or red . If you see green that means an update has been available for 2 days, orange – 4 days, and red – 7 or more days. To apply an available update, just follow the steps below.

  1. Click the Chrome menu on the browser toolbar.
  2. Select Update Google Chrome.
  3. In the confirmation dialog that appears, click Restart. The browser saves your opened tabs and windows and reopens them automatically when it restarts. If you’d prefer not to restart right away, click Not now. The next time you restart your browser, the update will automatically be applied.

Windows 8 users: Make sure to close all Chrome windows and tabs on the desktop and Windows 8 app, then relaunch Chrome to apply the update.

Zero day vulnerabilities can be serious security risks. When searching for an appropriate antivirus solution, look for security software that protects against both known and unknown threats.

Leave a comment

Mr. Computer