What is a Zero-day Vulnerability?

Defining Zero-day Vulnerabilities

A zero-day vulnerability, also known as 0-day, is a flaw in a piece of software that is unknown to the software developer and does not yet have a fix. The “zero-day” refers to the number of days left to solve the problem, meaning it is acute. Hackers and other cybercriminals can exploit these vulnerabilities using hacking techniques and malware to access critical systems and data. This is called a “zero-day exploit”.

Log4j Zero-day Vulnerability

Lots of these zero-day vulnerabilities have been discovered in the past. The Log4j zero-day vulnerability has recently caused a lot of trouble in the IT community. In December 2021, many IT departments worked overtime to mitigate the impact on their systems once the vulnerability was discovered. Exploits for a severe zero-day vulnerability (CVE-2021-44228) in the Log4j Java-based logging library were shared online, exposing many to remote code execution (RCE) attacks. This resulted in widespread ransomware attacks since Log4j is incorporated in widely used Apache-related frameworks. Companies and government agencies who failed to implement the patches made available by developers in a timely fashion suffered severe damage.

Other recent zero-day vulnerabilities that posed problems include:

• an Apple zero-day vulnerability: With the release of MacOS Monterey 12.2.1 in February 2022, Apple patched a zero-day vulnerability listed as CVE-2022-22620. This use-after-free vulnerability in the WebKit component allowed the execution of arbitrary code when a user was led to a malicious web page.

• a Chrome zero-day vulnerability: On March 25, Google released Chrome 99 to patch a zero-day exploit of CVE-2022-1096. The type of confusion weakness was located in Chrome V8 JavaScript and allowed attackers to execute arbitrary code on devices and trick Chrome into running malicious code.

• a Firefox 97 zero-day vulnerability: The Firefox 97.0.2 version was released on March 5 with security fixes for two zero-day vulnerabilities: CVE-2022-26485 and CVE-2022-26486. The former patches a use-after-free vulnerability whereby hackers could exploit an XSLT memory error that occurred when converting XML documents into PDF or HTML pages. The latter patch does the same for the WebGPU IPC framework.

Plenty of other zero-day vulnerabilities occurred in the last couple of months. It can prove challenging to fix them all if you do so manually or lack an up-to-date asset inventory. Luckily, there are ways to make it easier to patch zero-day vulnerabilities without wasting time.

How to Fix a Zero-day Vulnerability

You can fix a zero-day vulnerability like any other vulnerability: by updating the software with the patches of the developer. However, you can only fix vulnerabilities if you know where to find them. If you manage a large IT estate, you need a pertinent way to discover and solve vulnerabilities across a wide range of IT assets, even when they are located at different sites. Moreover, it is essential that you can find and adjust every single asset, regardless of whether they require credentials. Because if even one device is overlooked, it can create a severe security problem. So, you need to answer the real question: “How to find zero-day vulnerabilities?” This is where Lansweeper comes in.

Find and Handle Zero-day Vulnerabilities Automatically

Lansweeper has devised an IT discovery solution that offers, amongst others, an extensive report library with over 400 built-in network reports that can help you to stay in the know about any old and new vulnerabilities.

For example, we recently created a report that will instantly scan your network and compile a list of all network assets affected by NVIDIA display driver vulnerabilities. This allowed sysadmins to take immediate action and update their drivers. Other examples of security threats that we provided an IT discovery report are the PrintNightmare and PetitPotam vulnerability exploits. If you, too, want to get access to these free vulnerability reports, sign up here.

With Lansweeper’s IT asset management solution, you can handle vulnerabilities proactively. Lansweeper automatically tracks and recognizes vulnerabilities across your entire IT estate, even in remote infrastructure. Through a combination of AI-powered active and passive scanning methods, Lansweeper keeps your IT inventory continuously up to date and helps you to secure your IT infrastructure.