There has been a lot of discussion on the Internet recently about the Java 7 zero-day exploit, which has affected many computers worldwide. But what exactly is a zero-day exploit and how does it differ from other types of threats?
The Nature of Content Security
Traditional anti-malware security involves scanning files, either resident on a computer hard disk or delivered to a computer via the Internet, to see whether the files contain malware such as viruses, trojans, worms or other types of malicious software.
These days, anti-malware security is commonly referred to as content security, since it is the contents of files that come under scrutiny. Content security software looks for malware by comparing portions of a given file to malware patterns – a set of binary fingerprints associated with malware that has been discovered and collected on other computers by threat researchers at places like TrendLabs.
When part of a file matches a pattern from the malware pattern file, this indicates that the file being scanned contains malware. The content security software then tries to remove the malware from the file or quarantines the file for later disposal if the malware cannot be removed.
Enter Zero-Day Exploits
Zero-day exploits are new malware that has appeared on the Internet before it has been caught and analyzed and before its patterns have been placed into a pattern file. The pattern file is distributed to content security software that is designed to receive updated patterns via platforms such as the Trend Micro™ Smart Protection Network™.
These types of threats arise quickly when security holes are discovered in software applications or operating systems and before any protective mechanisms have been developed. Over time, these threats are eventually dealt with, either by fixing the security holes in the software that they exploit or by devising protective mechanisms to prevent them from infecting systems in the first place. To keep yourself safe from zero-day exploits, it pays to keep your content security software and patterns up to date, and to follow the news and guidelines for dealing with security issues that pop up on the Internet.
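The pattern matching described above, and the gap that exists until a new pattern reaches the pattern file, can be seen in a small scanner. This is an added example, not code from Trend Micro or any real scanning engine; the pattern names, byte markers and sample "files" are all constructed and harmless.

```python
"""Toy pattern-file scanner: constructed illustration, not a real engine."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Pattern:
    name: str           # label for the detection (constructed)
    fingerprint: bytes  # byte sequence taken from a known sample (constructed)


def scan(data, pattern_file):
    """Return (pattern name, offset) for every fingerprint found in data."""
    hits = []
    for pattern in pattern_file:
        start = 0
        # Compare portions of the file to each fingerprint, at every offset.
        while (idx := data.find(pattern.fingerprint, start)) != -1:
            hits.append((pattern.name, idx))
            start = idx + 1
    return sorted(hits, key=lambda hit: hit[1])


def disposition(data, pattern_file):
    """A file is quarantined only if some known pattern matches it."""
    return "quarantine" if scan(data, pattern_file) else "clean"


# Constructed sample contents: inert marker strings stand in for malware bytes.
KNOWN_FILE = b"\x7fBIN" + b"MARKER-A-0001" + b"\x00" * 8
NEW_FILE = b"\x7fBIN\x00\x00" + b"MARKER-B-0002" + b"\x00" * 8
BENIGN_FILE = b"\x7fBIN" + b"hello world"

# Pattern file before and after researchers analyze the new sample.
PATTERNS_V1 = [Pattern("Constructed.A", b"MARKER-A-0001")]
PATTERNS_V2 = PATTERNS_V1 + [Pattern("Constructed.B", b"MARKER-B-0002")]

if __name__ == "__main__":
    for label, data in [("known", KNOWN_FILE), ("new", NEW_FILE),
                        ("benign", BENIGN_FILE)]:
        print(label,
              "| old patterns:", disposition(data, PATTERNS_V1),
              "| updated patterns:", disposition(data, PATTERNS_V2))
```

With the older pattern file the new sample is reported clean even though nothing about the file has changed; only the pattern update turns it into a detection.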
I work for Trend Micro and the opinions expressed here are my own.