Zero day attack, also known as a zero hour takes advantage of computer vulnarabilities that do not currently have a solution. Typically, a software company will discover a bug or problem with a piece of software after it has been released and will offer a patch-another piece of software meant to fix original issue. A zero day attack will take advantage of that problem before a patch has been created. It is named zero day because it occurs before the first day the vulnerability is known.
- For example, there was an zero day attacked on Nov. 09, 2006. It was a part of Windows called the XMLHTTP Activex Control. When an web browser pop up an infected web page in the internet explorer, it called the Activex Control, which would helpep the attacker to cause a buffer overflow. It may able the attackers to download spyware and steal data.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment