Term: zero-day

The term zero-day is typically used in conjunction with terms such as “vulnerability” or “exploit”.

A zero-day exploit refers to a vulnerability discovered in software for which:

  • There is no available remedy; end users have no way to fix or “patch” the vulnerability.
  • There is known malware actively exploiting that vulnerability to infect, damage, or otherwise compromise computers on which the vulnerable software is running.

“Zero-day” refers to the amount of time the software authors have to fix the issue: zero. It needs to be resolved immediately.

Any vulnerability that is first discovered by finding malware in the wild that exploits it can be considered “zero-day”.

« Back to Glossary Index