«

»

Oct 18

Zero Day (0 Day) Attacks

The Severity of Zero Day Attacks
A zero day attack can be defined as an attack that is performed by taking advantage of a problem or “hole” found in the creation of software (Ex: Microsoft Windows) unexpectedly. These attacks may be performed before the problem with the software is even public information. This usually occurs when a computer criminal discovers this hole by his or her self or even from a friend and decides to take advantage of it. Because antivirus software cannot protect against brand new attacks, most if not all people who step into the criminals trap are affected.
Once an attack is made public, software vendors (including the creator of the software in which the hole exists), usually work very hard on fixing the problem immediately. Two examples of zero day attacks were problems within Microsoft Excel and Adobe Reader. Due to the vast popularity of Microsoft and Adobe, attackers aim at products created by them so that a higher number of people can be targeted. The Adobe Reader attack was labeled very severe because it enabled the possibility of victim’s machines to be taken over. With over five hundred million copies of adobe distributed worldwide, the impact of this attack left millions of computers at risk. Adobe user’s social security numbers, credit card numbers and other personal information all left at the hands of criminals.
The Microsoft Excel exploit mentioned previously is one in which allows an attacker to create an “.XLS” file that can trojan a victim’s computer if opened. Even I, as an experienced computer user wouldn’t usually hesitate to open up a file that appeared to be created in Microsoft Excel, especially if it came from a family member who unknowingly emailed it to me. This proves how severe an attack like this can actually be.
This attack, the same as the Adobe attack, left millions of user’s sensitive information at risk. These two attacks could cause millions if not billions of dollars in damage to both companies and everyday people like you and I. Both of these attacks we’re fixed by creating a patch for the software that closed the “hole” that was letting attackers into your computer. To make things even worse, not only is it that the actual attackers are doing damage, but also users who help make threats like this publicized. Users who decide to make dangerous information public should be punished the same as the discoverer of these perilous holes in software.

Mathew Gajewski
http://www.DrPCRepair.com
http://www.DoctorPCRepair.com


Warning: count(): Parameter must be an array or an object that implements Countable in /homepages/4/d289686807/htdocs/drpcrepair/blog/wp-includes/class-wp-comment-query.php on line 405

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>