What is a zero-day exploit?

Admit it, it sounds like the kind of trashy suspense novel you’d have found in an airport in the 1980s. You know someone like Robert Ludlum, Ken Follett, or John Grisham would have written it. You know you’re imagining the cover of the book, “THE ZERO DAY EXPLOIT.”

Seriously though.

The term “zero-day exploit” refers to a software bug that lets an attacker do something harmful with it. For example, it may be possible to take control of the software remotely, or for a remote person to capture keystrokes that would give them usernames and passwords. In some cases a zero-day exploit could lock your computer and force you to pay to unlock it.

Why is it called a “zero-day” exploit?

“Zero-day” exploits are those which are discovered before the developer has had a chance to fix the bug. In other words, the developer has had “zero days” to work on a fix: the first time they learn about the bug is when the exploit is already being seen on users’ computers.

It’s dangerous because it can take time for the developer to figure out what is wrong and even more time to come up with a way to patch it. Once the exploit is patched, it’s no longer properly referred to as “zero day.”

What can you do to protect against zero-day exploits?

Zero-day exploits are the top priority for companies like Apple, Google, and Microsoft. Sometimes these companies will pay “bug bounties” to people who find them. If you’re thinking of using a zero-day exploit once you find it, you might just be happy enough to sell your knowledge to the developer instead of using it.

Often, when an exploit (whether zero-day or otherwise) is discovered it’s patched in a matter of days. This is especially true if the exploit is potentially very damaging. So the best thing you can do is to keep up with those security patches. The bad guys are hoping you don’t patch your computers, so that all those exploits stay active.

Yeah, but aren’t those updates a problem by themselves?

Yes, some updates cause problems. There’s such a rush to fix problems — especially security problems — that sometimes an update isn’t fully tested. So in some cases it would seem like the cure is worse than the disease.

Even though those “edge cases” get a lot of news coverage, most updates are really safe. It’s very rare that a patch is worse than the problem it’s designed to fix. When it does happen, the internet knows about it very quickly. So if you’re hesitant to apply a patch, do a quick search on it. You’ll find out very quickly if someone has had a problem with that update.

Just remember that if you find one person with a problem with an update, that doesn’t mean you’ll have a problem. If this is a major operating system upgrade, there’s an excellent chance that someone, somewhere, will have a problem with it. Unless you see a real pattern though, you can presume that the patch will be safe for you.

Of course, you can do a backup of your important files before updating, but most folks won’t. On the other hand, dear Solid Signal Blog reader, you’re smarter than most folks, right?

About the Author

Stuart Sweet
Stuart Sweet is the editor-in-chief of The Solid Signal Blog and a "master plumber" at Signal Group, LLC. He is the author of over 10,000 articles and longform tutorials including many posted here. Reach him by clicking on "Contact the Editor" at the bottom of this page.