A zero-day is a form of malware or exploit that was previously unknown or unobserved. These are valuable in the hacker culture because often times many websites or services will be vulnerable to such exploits.
A zero-day vulnerability, at its core, is a flaw. It is an unknown exploit in the wild that exposes a vulnerability in software or hardware and can create complicated problems well before anyone realizes something is wrong. In fact, a zero-day exploit leaves NO opportunity for detection … at first.
A zero-day attack happens once that flaw, or software/hardware vulnerability, is exploited and attackers release malware before a developer has an opportunity to create a patch to fix the vulnerability—hence “zero-day.” Let’s break down the steps of the window of vulnerability:
A company’s developers create software, but unbeknownst to them, it contains a vulnerability. The threat actor spots that vulnerability either before the developer does or acts on it before the developer has a chance to fix it. The attacker writes and implements exploit code while the vulnerability is still open and available. After releasing the exploit, either the public recognizes it in the form of identity or information theft or the developer catches it and creates a patch to staunch the cyber-bleeding.
Once a patch is written and used, the exploit is no longer called a zero-day exploit. These attacks are rarely discovered right away. In fact, it often takes not just days but months and sometimes years before a developer learns of the vulnerability that led to an attack.
Differences Between “Zero Day” & “Normal Bug”?
A zero-day bug is a bug that is undisclosed by the software manufacturer usually because they are either unaware of it or are attempting to fix the bug before it becomes known for exploitation as I told you.
The bug is termed a ‘zero-day’ bug because it usually shows up in newly released software, patches, or updates, so it literally is ‘zero days’ old (i.e. no significant time has passed since its inception and the bug poses a new threat to the stability of the software). There are often illegitimate ‘races’ to find new zero-day bugs whenever a major software company releases an update, such as Apple updating iOS or Microsoft releasing a new Windows update. These zero-day bugs are worth a lot to hackers as they may exploit leaked memory or user information.
Normal bugs, on the other hand, are not necessarily seen as a serious threat to the stability of the software as they are unlikely to leak sensitive user or system information. If a bug is serious, then software companies are often obliged to fix it as it compromises the user experience.