Zero Day Exploit
6 Pages Posted: 14 Jan 2014
Date Written: January 13, 2014
Zero day vulnerability is vulnerabilities against which no vendor has a patch and no one has still released any patch in the market. Due to the absence of patch it’s a major threat to the concern organization and its users. Zero day exploit is the day between the vulnerability is known and the first day of its attack. Nowadays there are a good number of security expert in the market so the common vulnerabilities are rare and it can be easily patch. Before the vulnerability was of buffer overflow kind but in present scenario it’s mainly of logical errors and due to lack of configuration in the security. This misconfigutaion is because of mainly three reasons:
• Due to lack of knowledge: this may occur if the security analyst doesn’t have sufficient knowledge about all the related patches. • Due to overconfidence of the security analyst: he assumes that the hacker/crackers can’t breach security of this level and this illusion affects the organization at large. • Due to lack of interest while implementing the security mechanism: this happens due to some personal or professional reason that the security analyst mere implement security mechanism.
These bugs can be detected in following ways:
• By using early detection techniques such as IPsec, stateful firewall, protected Wi-Fi access such as WPA2. • By trying each and every possibility on a web application. • By analyzing the source code and focus on the single point of any web application.
Suggested Citation: Suggested Citation