“The security industry and trade press have directed a lot of attention toward the ‘Zero-day attack’, promoting it as THE threat to guard against. According to the marketing hype, the Zero-Day attack is the one that you should most fear, so you must put in place measures to defend your organization from it. The Zero-Day threat is born the moment a vulnerability is publicly announced or acknowledged. But what about the period of time that the threat existed before being announced? At StillSecure we call this class ‘Less-Than-Zero’ threat. In this two-part series I’ll examine this Less-Than-Zero threat, compare it to the Zero-Day threat, and discuss ways to protect yourself from Less-Than-Zero attacks and vulnerabilities for which patches, signatures, etc., do not yet exist.”
hehe nothing more than a lot of words about nothing you don’t already know…
Wouldn’t a less than zero threat be a negative threat? Relax, all you have to worry about is what you don’t know.
zero day threat: A security issue in software that you have had less than a full day to deal with.
If you don’t know about it then it’s still a zero day threat.
Zero day exploit prevention is what all computer security is about (one of the reasons anti-virus doesn’t count as security).
Good security practice is to act as if every piece of software that you run has an exploit, and then you attempt to minimise the exploit’s effect.
SELinux, Chroot jails, Virtualisation, Firewalls, ACL etc. are all about this.