Zero-day attacks are the most frightening nightmare of all the security concerns out there.
But first, let’s define the term: zero-day attack.
Notwithstanding the apparent neutrality of “zero”, a zero-day attack is one that targets one or more vulnerabilities in a system that have not yet been discovered.
Recently, news spread about one such attack hitting the world hard, targeting the most widely deployed internet browser: yep, you got it right, Internet Explorer. Though the latest version (8) was reportedly not affected, it’s easy to imagine just how many of us had taken the step of upgrading all our systems to the latest version.
And that’s where all the problems of tackling zero-day attacks lie. It’s a double-edged sword: on one side, the reluctance to rush ahead and deploy newly released software versions and, on the other side, the wait for a new version to prove itself before adopting it.
Few system admins will go the extra mile of testing every newly released patch before deploying it en masse on their networks. Instead, most would rather wait a while and see the comments and reactions of others before taking the plunge.
In either case, there is always a risk of running into zero-day attacks. So, how does one go about defending one’s network against them?
Here again, nothing new. The good practices have all been stated and published: how important it is to always keep systems patched and, of course, to always test patches before going into mass deployment.
Remember, this is a “catch-me-if-you-can” game, in which we are somehow always trailing behind the enemy. It’s up to us to devise new, tried-and-tested methods of defending our networks and the resources they contain. And following good practices will ease that burden.