January 11, 2024

Zero-days Are Becoming More Zero

Zero-day vulnerabilities are vulnerabilities for which no patch is yet available, meaning the hardware or software manufacturer has had “zero days” to create a fix. Once the vulnerabilities are identified, hardware and software vendors rush to publish patches, fixes, or some other workaround. At the same time, the bad guys are aware of the vulnerability and are working to exploit it before a fix is in place.

Every year hackers get faster at exploiting issues: one study found that zero-day vulnerabilities were exploited 87% faster in 2022 as compared to 2020. This leaves less time for the patches to be developed and released by the vendors, and less time for your team to implement the fix. Therefore, we all need to stay prepared and get faster at responding.

The most dangerous zero-day vulnerabilities may be those that impact network edge devices (firewalls, web servers, email servers, load balancers, etc.). In 2023 there were several critical zero-day vulnerabilities for edge network devices (Citrix Bleed, FortiOS, and others) that significantly impacted businesses. Always prioritize patching Internet-facing systems and devices!

It can be overwhelming when the bad guys always seem to be one step ahead, but having the following plans, processes, and teams in place can help improve your odds of success:

  • Monitor vendor and trade publications for zero-day exploits that may impact your systems. Subscribe to threat intelligence services and updates from your vendors.
  • Understand and document your network so that you know where your vulnerable systems exist, and you are prepared to act when needed.
  • Reduce your Internet exposure to the minimum required.
  • Prepare and practice incident response procedures to implement emergency patching.
  • Keep your systems updated and patched so that you aren’t playing catch-up when the patch for the zero-day is released.
  • Build a defense-in-depth cyber security infrastructure so that you limit the risk of the zero-day exploit.
  • Run periodic vulnerability scans and audits to identify any issues that you may have missed.
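
As an added illustration (not part of the original article), here is one way a documented inventory turns a vendor advisory into an emergency patch order, with Internet-facing systems first. The product names, hosts, versions, and the "oldest version first" tie-break are all constructed assumptions.

```python
# Added illustration: triage a zero-day advisory against an asset inventory.
# All products, hosts and versions below are constructed sample data.

def parse_version(text):
    """Turn '7.2.10' into (7, 2, 10) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

def triage(inventory, advisory):
    """Return affected assets, Internet-facing first, then oldest version first."""
    fixed = parse_version(advisory["fixed_version"])
    affected = [
        asset for asset in inventory
        if asset["product"].lower() == advisory["product"].lower()
        and parse_version(asset["version"]) < fixed
    ]
    # False sorts before True, so negate the exposure flag to put exposed hosts first.
    return sorted(
        affected,
        key=lambda a: (not a["internet_facing"], parse_version(a["version"])),
    )

# Constructed inventory (hypothetical product and host names).
INVENTORY = [
    {"host": "fw-edge-01", "product": "ExampleGate", "version": "7.2.4", "internet_facing": True},
    {"host": "fw-lab-02", "product": "ExampleGate", "version": "7.2.10", "internet_facing": False},
    {"host": "fw-edge-03", "product": "ExampleGate", "version": "7.4.1", "internet_facing": True},
    {"host": "lb-dmz-01", "product": "ExampleBalancer", "version": "3.1.0", "internet_facing": True},
    {"host": "fw-branch-04", "product": "examplegate", "version": "7.2.9", "internet_facing": False},
]

# Constructed advisory: every ExampleGate release before 7.2.11 is affected.
ADVISORY = {"product": "ExampleGate", "fixed_version": "7.2.11"}

def patch_order(inventory=INVENTORY, advisory=ADVISORY):
    """Host names in the order the emergency patch should be applied."""
    return [asset["host"] for asset in triage(inventory, advisory)]

if __name__ == "__main__":
    for position, host in enumerate(patch_order(), start=1):
        print(position, host)
```

Versions are compared as numeric tuples because a plain string comparison would rank 7.2.10 below 7.2.4 and mis-sort the internal hosts.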

The best thing we can do for zero-day vulnerabilities is to be like a Boy Scout and “Be Prepared”!


Authored by: David McCabe, MBA, ISC2 CC
