83,274
edits
Zero-day vulnerability: Difference between revisions
Jump to navigation
Jump to search
no edit summary
Amwelladmin (talk | contribs) No edit summary |
Amwelladmin (talk | contribs) No edit summary |
||
| Line 1: | Line 1: | ||
{{a|systems|{{image|War Games|jpg|Somewhere this is happening RIGHT NOW.}}{{d|{{PAGENAME}}|/ˈzɪərəʊ-deɪ ˌvʌlnərəˈbɪlɪti/|}} | {{a|systems|{{image|War Games|jpg|Somewhere this is happening RIGHT NOW.}}}}{{d|{{PAGENAME}}|/ˈzɪərəʊ-deɪ ˌvʌlnərəˈbɪlɪti/|}} | ||
A vulnerability in code that hackers find before the software vendor does. Because the vendor is none-the-wiser, there is no patch for the bug, meaning until the vendor (a) twigs that there’s a problem, (b) works out how to fix it and (c) rolls the patch out to its customers, hackers who know about it can have a field-day. They can have catastrophic consequences: the “Stuxnet” virus, which basically rooted Iran’s nuclear energy sector in a weekend, was introduced through a zero-day vulnerability in a seemingly harmless Siemens programmable logic controller. | A vulnerability in code that hackers find before the software vendor does. Because the vendor is none-the-wiser, there is no patch for the bug, meaning until the vendor (a) twigs that there’s a problem, (b) works out how to fix it and (c) rolls the patch out to its customers, hackers who know about it can have a field-day. They can have catastrophic consequences: the “Stuxnet” virus, which basically rooted Iran’s nuclear energy sector in a weekend, was introduced through a zero-day vulnerability in a seemingly harmless Siemens programmable logic controller. | ||