Q: I hope you can give me some information about the zero-day virus. I try to follow technology news and malware threat trends, and they often mention the zero-day threat. Any information you can provide will be appreciated.
– John R., Crestview, Florida
A: I feel like I’m being tricked here, but just in case I’m not, and for my readers who may not be familiar with zero-day threats, I’ll do my best to explain.
Zero-day is not the name of a specific virus or malware threat. Rather, the term refers to any previously unknown threat or potential threat. It literally means that the cybersecurity community (of which you, the end user, are a part) has zero days to prepare the systems under their responsibility to deal with a new threat.
The concept of zero-day doesn’t even have to refer to something that already exists. The mere discovery of a fatal flaw in some commonly used software is enough for it to be considered zero-day, even though no actual instances of it have been discovered “in the wild”, which is common geek jargon for computers installed and running in homes and shops everywhere. The so-called “wilderness” encompasses both connected and disconnected systems, and the vast array of devices that many people often don’t even consider: the Internet of Things, or IoT for those in the know. These are devices that are not computers in the traditional sense, but are still connected to the Internet. The list is practically endless, but includes things like security cameras, smart TVs, home assistants (Alexa and Google Nest), thermostats, and I’ve seen an increasing trend towards home appliances – refrigerators, washing machines, even toaster ovens with built-in internet capabilities. All of these devices are being exploited.
To get back on track, the term zero-day is often associated with other words that can help you understand the magnitude and nature of the risks involved. When something is labeled a “zero-day vulnerability,” it’s usually associated with a bug that has been discovered by computer scientists or white-hat hackers, but is not yet known to be actively used in the wild. On the other hand, a “zero-day threat” refers to a specific vulnerability that is known to exist. Then there’s the dreaded “zero-day attack,” which refers to a vulnerability that’s being actively exploited. Depending on the severity of the threat, these are among the worst cases and are what usually drive vendors to provide a software patch as soon as possible.
This seems like a good opportunity to point out that if you choose to run an older operating system past its end-of-life date, this is exactly the kind of scenario that leaves you vulnerable. As I’ve always said, it won’t just stop running, but you will no longer receive patches and security updates as they are released. In the context of today’s column, this means that if a zero-day threat emerges and the software vendor issues a patch, your system will likely remain vulnerable. However, there have been extremely rare instances where certain major vendors such as Microsoft have decided to provide patches for supposedly outdated versions of their products. In the opinion of this humble geek, relying on this to keep your system secure is extremely bad planning.
So, final words on zero-day: By their very nature, these aren’t something you can plan for or prepare for. The best thing you can do is stick to sources that are among the first to know about these threats when they appear, and when security patches come out, install them at the very first opportunity. When it comes to zero-day, time is not on your side!
Geek Note: Questions! I need your questions! I’m approaching the busiest time of the year for me, and having a rich panel of questions to choose from makes it a lot easier for me to complete this column each week. That hasn’t been the case lately and I’m counting on you all to fix that. So, if you’re reading this and aren’t absolutely 100% satisfied with the performance of your computer, or you’re having trouble with your smartphone, smart TV, home assistant, or if you, like reader John R., have a question about terminology, I want to hear from you!
To view additional content, comment on articles, or ask a question of your own, visit my site at ItsGeekToMe.co (not .com!).