
Zero-Day Vulnerability


Submitted By tinaeautiful
Software vulnerability

Chenestina Qiu

Networking 2

Period: 7

A zero-day vulnerability is a hole in software that is unknown to the vendor. Hackers exploit this security hole before the vendor becomes aware of it and hurries to fix it; such an exploit is called a zero-day attack. Zero-day attacks can be used to plant malware or spyware, or to allow unwanted access to user information. The term “zero day” refers to the fact that the hole is unknown to everyone but the hackers, and in particular to the developers. Once the vulnerability becomes known, a race begins for the developer, who must protect users.

To rectify the vulnerability, the software company must release a patch. Patches are often released on a regular schedule, one example being Microsoft’s Patch Tuesday: on the second Tuesday of each month, Microsoft releases security fixes that resolve identified holes. If, however, a critical vulnerability is discovered, a patch may be released outside of the schedule.

Browsers are similarly vulnerable; it’s a good idea to update your browser often, for updated security as well as features. To check whether updates are available for your browser of choice, open the browser and click either “Help” or the browser name, depending on which browser you’re using. A quick online search will provide step-by-step instructions. Alternatively, you could set up automatic updates, again depending on the browser. Zero-day vulnerabilities can be serious security risks. When searching for an appropriate antivirus solution, look for security software that protects against both known and unknown threats.

Just for a moment, think about the end game for an enterprise Chief Security Officer: it would be the day when all systems are protected 24/7 from viruses, trojans, worms, and hackers stealing or destroying data or launching denial-of-service or buffer-overflow attacks. Ideally, the CSO would like protection from all of this without ever having to react urgently. Until that happens, enterprises will keep buying products that promise to achieve the desired level of protection. Enterprises would love to have zero-day protection without having to jump out of bed and rush to the office to update signatures, or be on the phone trying to rectify an infected system. In short, they would prefer proactive protection that is “always on” to reactive protection that requires manual intervention.

There are a few trends driving the market towards proactive protection. The first is a gradual transition of the security market towards products that promise “intrusion prevention”. I use this term loosely, since there are very few real intrusion prevention systems on the market today. Most security product vendors merely provide intrusion detection (IDS) with a limited ability to take automatic action. Given this limited capacity to prevent attacks proactively, IDS technology will almost surely be history within a very short period. Enterprises are increasingly looking for a reliable and comprehensive IPS package that can be trusted to stop viruses, rather than one that merely alerts on an intrusion into the network.

Intrusion prevention (IPS) technologies can be either network-based or host-based, and the two serve different purposes. In both models, the IPS looks for known and unknown patterns of attack, using signatures, behavior anomalies, and rule-based engines that can learn “normal traffic” and recognize “abnormal traffic”. Intrusion prevention systems that support gigabit networks with low latency already exist in this newly maturing market.
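As an added illustration (not part of the original essay and not any vendor's code), the sketch below combines the two detection approaches just described: a signature check for known attacks and a learned baseline of normal request sizes for unknown ones, with a switch between IDS-style alerting and IPS-style blocking. The signature string, flow records, field names and thresholds are all constructed assumptions.

```python
import math
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    src: str
    dst_port: int
    bytes_in: int   # size of the request in bytes
    payload: bytes


# Constructed placeholder signature; not a real attack pattern.
SIGNATURES = {"SIG-0001": b"KNOWN-BAD-MARKER"}


class Baseline:
    """Learns per-port request-size statistics from traffic assumed clean."""

    def __init__(self, z_threshold=4.0, min_samples=5):
        self.z_threshold = z_threshold
        self.min_samples = min_samples
        # port -> [count, mean, sum of squared deviations] (Welford's method)
        self._stats = defaultdict(lambda: [0, 0.0, 0.0])

    def learn(self, flow):
        s = self._stats[flow.dst_port]
        s[0] += 1
        delta = flow.bytes_in - s[1]
        s[1] += delta / s[0]
        s[2] += delta * (flow.bytes_in - s[1])

    def score(self, flow):
        """Return (is_anomalous, reason) for one flow."""
        if flow.dst_port not in self._stats:
            return True, "port never seen in baseline"
        n, mean, m2 = self._stats[flow.dst_port]
        if n < self.min_samples:
            return False, "baseline too small to judge"
        # Floor the deviation so perfectly constant traffic cannot divide by zero.
        std = max(math.sqrt(m2 / (n - 1)), 1.0)
        z = abs(flow.bytes_in - mean) / std
        if z > self.z_threshold:
            return True, f"request size z-score {z:.1f}"
        return False, "within baseline"


def decide(flow, baseline, prevent=True):
    """Signatures catch known attacks; the baseline catches unknown ones.

    prevent=True acts like an IPS (block); prevent=False like an IDS (alert).
    """
    action = "block" if prevent else "alert"
    for name, pattern in SIGNATURES.items():
        if pattern in flow.payload:
            return action, f"signature {name}"
    anomalous, reason = baseline.score(flow)
    if anomalous:
        return action, f"anomaly: {reason}"
    return "allow", reason


def build_sample_baseline():
    """Train on constructed 'normal' HTTPS request sizes (mean 500 bytes)."""
    baseline = Baseline()
    for size in (480, 495, 500, 505, 510, 490, 520, 500):
        baseline.learn(Flow("10.0.0.5", 443, size, b"GET /index"))
    return baseline


if __name__ == "__main__":
    bl = build_sample_baseline()
    samples = [
        Flow("10.0.0.9", 443, 510, b"GET /about"),
        Flow("10.0.0.9", 443, 500, b"GET /?q=KNOWN-BAD-MARKER"),
        Flow("10.0.0.9", 443, 9000, b"POST /upload"),
        Flow("10.0.0.9", 4444, 100, b"hello"),
    ]
    for f in samples:
        print(f.dst_port, f.bytes_in, decide(f, bl))
```

The baseline is only as good as its training traffic: anything malicious present while it is learning becomes part of "normal", and legitimate but unusual traffic will be blocked until the baseline is retrained.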

The second trend is the commoditization of anti-virus software, with AV products on desktops and servers moving up the value chain to include minimal desktop firewall and IPS characteristics. The day is not far off when plain anti-virus products will cease to exist for enterprises and even consumers. The idea is to protect a system from multiple threats, including viruses, buffer-overflow attacks, unwanted programs or spyware, illegal access to servers, and other such threats that target a system, regardless of whether it is in an enterprise or at home.

One of the biggest challenges facing security teams today is staying up to date on the ever-changing security threat landscape. Cyber criminals now have access to a massive arsenal of zero-day vulnerabilities, which are being sold on the open market to the highest bidder. According to Verisign iDefense research, over 80% of the zero-day vulnerabilities detected are classified as “high severity.”

Knowing that the zero-day marketplace is thriving changes the dialogue from “zero-days are too rare and infrequent to spend time on” to “they are already here and you might just not know it.” It’s no longer a question of whether you will encounter zero-days, but of how you plan to locate, prioritize and remediate the ones already knocking on your door. The only defense is having advance knowledge of exactly which attacks are most likely to be successfully launched against your environment and leveraging a risk-based prioritization method to shrink your attack surface.

Zero-day vulnerabilities that are exploited in the wild and affect a widely used piece of software are relatively rare; there were approximately eight in 2011. The past few months, however, have seen four such zero-day vulnerabilities actively exploited in the wild. Two of the zero-day exploits were in Adobe Flash, the other two in Internet Explorer. In April 2012, we identified seven different Trojans that were being used in conjunction with CVE-2012-0779. Within one month, two more zero-day exploits were identified in the wild. These were CVE-2012-1875 and CVE-2012-1889. The timing of the release of these three exploits was suspicious. As soon as one had been identified, the next became active. We investigated the three exploits and found connections between them all. In the past few weeks, yet another zero-day exploit was detected in the wild, CVE-2012-1535. We have tied this zero-day exploit back to all the others. They may only be the tip of the iceberg.

In early 2010, Google documented an attack against their infrastructure. They stated that they were attacked in December 2009 and that the attacks originated in China. The attackers utilized a Trojan called Hydraq (also known as Aurora), which was delivered using an Internet Explorer zero-day exploit. We believe the Hydraq attack.
