This question appears in Mumbai University > Software Testing & Quality Assurance Subject

Marks: 5M,6M,10M

Year: Dec 2013, May 14,Dec 2014,Dec 2015

Zero day attacks:

• A zero-day attack or threat is an attack that exploits a previously unknown vulnerability in a computer application, one that developers have not had the time to address and patch.

• It is called “zero-day” because the programmer has had zero days to fix the flaw i.e. there are zero days between the time the vulnerability is discovered and the first attack.

• Zero-day attacks occur during the vulnerability window that exists in the time between when vulnerability is first exploited and when software developers start to develop and publish a counter to that threat.

• A zero-day threat is also known as a zero-hour attack or day-zero attack.

• Zero-day attacks are carefully implemented for maximum damage - usually in the span of one day. The vulnerability window could range from a small period to multiple years. For instance, in 2008, Microsoft revealed an Internet Explorer vulnerability that infected a few versions of Windows released during 2001. The date in which this vulnerability was initially discovered by the attacker is unknown, but the vulnerability window in such a case might have been as much as seven years.

• In security testing, the software behaves securely and consistently under all conditions.

• Security testing verifies that only authorized accesses to the system are permitted. This may include authentication of user ID and password and verification of expiry of a password.

• It ensures that virus checkers prevent or curtail entry of viruses into the system.

• Security testing ensures that the system is available to authorized users when a zero day attack occurs.

• Zero-day protection is the ability to provide protection against zero-day exploits. Zero-day attacks can also remain undetected after they are launched.