charlotte's yard

Monday, January 11, 2010

Zero-day attack

A zero day attack, also known as a zero hour attack, takes advantage of computer vulnerabilities that do not currently have a solution. Typically, a software company will discover a bug or problem with a piece of software after it has been released and will offer a patch — another piece of software meant to fix the original issue. A zero day attack will take advantage of that problem before a patch has been created. It is named zero day because it occurs before the first day the vulnerability is known.

(www.wisegeek.com)

For example, On November 09, 2006, there was a zero-day attack on a part of Windows called the XMLHTTP 4.0 ActiveX Control. When a web browser opened an infected web page in Internet Explorer (IE), it called the ActiveX control, which then helped the attacker to cause a buffer overflow. Attackers were then able to download spyware and steal data.

(www.mysecurecyberspace.com)





1 comment:

  1. hi therE...

    xUper nice ng blog mo..

    nagatwinkle gud ang star..

    hehE..


    [(skY_vynZ)]

    ReplyDelete