What Is a Zero-Day Vulnerability?
A zero-day vulnerability is a security flaw that is unknown to the vendor and has no patch available. The name refers to the "zero days" that have passed since it became known to defenders, which makes it especially dangerous.
How it works
A zero-day is a vulnerability attackers may know about (and exploit) before the vendor does — so there's no fix yet and traditional signature-based defences don't recognise it. When exploited, it's a "zero-day attack". Once discovered and patched, it stops being a zero-day. Defence relies on behaviour-based detection, defence-in-depth and rapid patching once fixes appear.
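The difference between signature-based and behaviour-based detection can be seen on a few process-start events. The following is an added example, not part of the original page; the events, the hashes, and the single behaviour rule (a document application launching a shell) are constructed assumptions chosen for illustration.

```python
import hashlib

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Signature database: hashes of samples already seen and catalogued (constructed).
KNOWN_BAD = {sha256_hex(b"constructed-known-sample")}

# Behaviour rule (illustrative assumption): document apps should not launch shells.
DOC_APPS = {"winword.exe", "excel.exe", "acrord32.exe"}
SHELLS = {"cmd.exe", "powershell.exe", "wscript.exe"}

def signature_hit(event: dict) -> bool:
    """True only if the triggering file's hash is already catalogued."""
    return event["file_sha256"] in KNOWN_BAD

def behaviour_hits(event: dict) -> list[str]:
    """Names of behaviour rules the process chain violates, whatever the file hash."""
    hits = []
    if event["parent"].lower() in DOC_APPS and event["child"].lower() in SHELLS:
        hits.append("doc-app-spawns-shell")
    return hits

def triage(events: list[dict]) -> dict:
    """Map event id -> (signature verdict, behaviour rule names)."""
    return {e["id"]: (signature_hit(e), behaviour_hits(e)) for e in events}

# Constructed process-start events, not real telemetry.
EVENTS = [
    # A previously catalogued sample: the signature engine recognises it.
    {"id": "e1", "file_sha256": sha256_hex(b"constructed-known-sample"),
     "parent": "explorer.exe", "child": "invoice.exe"},
    # A never-seen document: no signature exists, but the process chain is abnormal.
    {"id": "e2", "file_sha256": sha256_hex(b"constructed-novel-document"),
     "parent": "WINWORD.EXE", "child": "powershell.exe"},
    # Ordinary use: a user opens a document from the desktop.
    {"id": "e3", "file_sha256": sha256_hex(b"constructed-benign-document"),
     "parent": "explorer.exe", "child": "WINWORD.EXE"},
]

if __name__ == "__main__":
    for eid, (sig, beh) in triage(EVENTS).items():
        verdict = "alert" if sig or beh else "clean"
        print(f"{eid}: signature={sig} behaviour={beh} -> {verdict}")
```

Event `e2` is the zero-day case: the hash lookup has nothing to match, so only the behaviour rule raises an alert.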
Why it matters
Zero-days are the most feared vulnerabilities precisely because no patch exists — they highlight why layered defence and behavioural detection (not just signatures) matter. Understanding the concept is fundamental security literacy and a common interview topic.
Frequently asked questions
What is a zero-day vulnerability?
A security flaw unknown to the vendor with no patch available — 'zero days' since defenders learned of it — making it especially dangerous to exploit.
Why are zero-days so dangerous?
No patch exists and signature-based tools don't recognise them, so attackers can exploit systems before defenders can respond.
How do you defend against zero-day attacks?
Defence-in-depth, behaviour-based (not just signature) detection, network segmentation to limit spread, and rapid patching once a fix is released.