What is a zero-day?
A zero-day is a unique type of computer vulnerability that is unknown to victims or vendors, and potentially unknown to everyone in the world except the creator of the zero-day exploit.
What does it mean?
When a bug is discovered, that time is considered to be ‘day zero’ (i.e., zero days have passed since the discoverer could have started patching their systems against the bug).
Why are the bugs so powerful?
There’s no way to defend against them. They exist before day zero and are therefore only discovered after their first use. A one-time zero-day exploit may go from devastating to useless in a matter of hours (upon its discovery on day zero) but the damage may already have been done.
Who uses zero-days?
They are the most sought-after vulnerabilities in the world, not only by hackers but also by governments. The Stuxnet virus, which some believe was created by the US government, relied on four separate zero-days. Stuxnet is now easily detectable by reputable anti-virus software and can be blocked just like the most basic viruses, but when it was created it was a weapon.
How many are there?
Technically, every new vulnerability is a zero-day, regardless of its complexity or uniqueness. But most are found by multiple people, independently and very quickly, meaning day zero arrives before any real harm can occur. It’s possible, though, that there are hundreds, potentially thousands, of active zero-days being exploited or waiting to be exploited. It’s not usually in the best interest of the attacker to disclose the presence of a zero-day to the victim, and this ‘hoarding’ of exploits can last for years.
Should I be worried?
On a personal level, it’s very unlikely that someone would ‘burn’ a zero-day exploit on an individual user. They’re mostly saved for high-value targets.