An example of a zero day vulnerability would be a security weakness in an operating system such as Windows which is unknown to the vendor, in this case Microsoft. During the period of time that a hacker would discover and attempt to exploit that vulnerability, before the vendor becomes aware of the problem and then subsequently plugs up the security hole with a Windows Update would be known as a zero day attack. It is called this because the vendor has ‘zero days’ in order to fix the problem before it is publicly reported or becomes active in the wild.

There are a couple of key approaches to consider with zero day attacks. First of all, make sure your patching is up to date. It is a common misconception that up-to-date Anti-Virus can stop any attack. If the operating system and applications are un-patched they are vulnerable, but if fully patched the chances of an exploit attempt succeeding are dramatically reduced.

Second, I recommend you evaluate ‘Next-Gen’ Anti-Virus technologies that specialise in blocking exploit attempts and Unknown Threats. According to Sophos over 100 million new viruses are released every year, traditional signature-based Anti-Virus simply can’t keep up any more.