Zero Day: Why it’s More Important than Ever to Update!

It’s likely that if you follow tech news, you’ve heard the term “Zero Day.” It’s a vulnerability or flaw in software which isn’t known to the software’s maker or the public at large. Basically, it’s the bumper of the Ford Pinto before the first one exploded. Because of how quickly software is produced and updated, most software has bugs. Often skilled attackers can turn those bugs into exploits, which can then be leveraged to encrypt your files, send out spam, or get access to private information.

These days, many vulnerabilities are found by professional security researchers. Companies like HackerOne will connect researchers with big name companies like PayPal, Uber, Dropbox, and Starbucks. Those companies set bounties for different levels and classes of exploitable bugs, which the researchers find and disclose responsibly. The companies fix the bugs, and usually announce them publicly, or allow the researcher to do so.

But there is also a Grey Market. This is where companies like Zerodium will purchase exploits, then sell them to governments and law enforcement agencies to use themselves. Even worse, there are Black Markets where exploits are sold by criminals to criminals. These markets thrive on secrecy and on ensuring that bugs stay hidden for as long as possible, so that sellers can make as much money as they can before the bugs are fixed.

Back in February, there was a zero day found in WinRAR, a popular file archive tool. The flaw had been in place for over 19 years. Luckily it was found by security researchers and fixed by WinRAR, but because the software doesn’t update itself, there will likely be millions of users who never get the fix.

Similarly, for decades now, Microsoft has pushed updates for Windows software on the second Tuesday of every month (dubbed ‘Patch Tuesday’). Most times the updates fix bugs in software or improve how different drivers or system pieces interact, but more and more of the updates are fixes for exploitable bugs.

So what should the average user do? Well, if you treat your computer like a car, you should be in good shape. That means you run regular maintenance and upkeep, and keep an ear open for big notices. You should be running antivirus (AV). Install Windows and other software updates when you can, and reboot when it asks you to do so. Check your list of installed programs and, if they don’t have their own updates, search to see if any updates have come out since you installed them. And while you’re checking, remove software you don’t use any more. It’ll make your system run more smoothly and lower the number of potentially attackable things. Finally, if you happen to find a random flash drive, don’t plug it into your computer. This is the exact exploit that was used to cripple Iran’s nuclear program.