Select language
Avast Academy Security Other Threats What is a Zero-Day Attack?

What is a Zero-Day Attack?

When a software vendor releases a new product with a security issue that neither the vendor nor the antivirus company know about, it’s called a zero-day vulnerability or a zero-day exploit.


What is zero-day?

Zero-day refers to how long the “good guys” have known about a security problem in the software. There are two kinds of zero-days. A zero-day vulnerability is a hole in the software’s security and can be present on a browser or an application. A zero-day exploit, on the other hand, is a digital attack that takes advantage of zero-day vulnerabilities in order to install malicious software onto a device.

Hamburguer menu icon

This article contains:

    Where do zero-days come from?

    Since by definition, a zero-day vulnerability is still unknown to software designers, antivirus vendors and the public at large, zero-day attacks come from criminal hackers who have discovered or otherwise learned about a hole in the system and quietly exploit it. In particular, zero-day attacks usually take advantage of holes in web browsers and email applications, since both are widely distributed.

    How do you recognize zero day exploits?

    The bad news is, it’s impossible to recognize either zero-day vulnerabilities or zero-day exploits — if you found them, they wouldn’t be zero-day anymore! Because of this, zero-day attacks are a severe threat but you’re not without recourse. For example, some antiviruses are able to detect a zero-day using behavior-tracking algorithms that spot suspicious or malicious behavior.

    How do you fix a zero-day vulnerability?

    Fixing a zero-day vulnerability is generally the job of the software provider who will need to release a security patch to mend the hole in its software. However, it’s up to individual users to actually install the security patch or software update onto their device. The easiest way to ensure you never forget to update your software is to get an application that can automatically manage your software patches.

    Other prevention tips:

    • Always check for and install the latest software patches

    • Practice safe browsing habits to reduce the danger of malware taking advantage of zero-day vulnerabilities

    • Install an app that automatically updates your essential software, such as Avast Premier

    Protect yourself against zero-day

    Since zero-day attacks are very effective against even secure networks, users need to exercise common sense and practice safe computing habits such as not opening attachments from suspicious email addresses or otherwise downloading files from unknown sources, always keeping your software up-to-date and installing all the latest security patches. Beyond this, a powerful antivirus software such Avast Antivirus can help protect you against viruses, malware, spyware, ransomware and more that may be deployed through a zero-day vulnerability.

    Protect your iPhone from threats
    with free Avast Mobile Security


    Protect your Android from threats
    with free Avast Mobile Security