A zero-day virus is an attack or exploit which targets the vulnerability of software, and that vulnerability is unknown to the vendor.
These means that they have zero days to fix the issue, which leaves their systems exposed until a patch is developed.
These zero-day viruses are extremely dangerous because the traditional antivirus methods often fail and allow attacks to install malware, steal data or cause breaches before a defense is available.
With the zero-day virus, the vulnerability is a flaw in software, hardware or firmware which the developer is unaware of.
The exploit is malicious code (the "virus") written to take advantage of that unknown flaw.
The zero day window of the zero-day virus is the critical period between when the vulnerability is first exploited and when the vendor releases a patch.
And because no fix is available, during the zero-day virus, these attacks bypass the standard security, which makes them extremely effective for hackers.
A zero-day virus event ends when developers discover the flaw and then release a patch, in which users then install to secure their systems.
Traditional antivirus relies on known malware signatures, which do not exist for zero-day threats.
Zero-days are valuable and often sold on the black market and used by attackers that are more sophisticated.
The zero-day viruses can also affect operating systems, apps, devices and IoT or Internet of Things products.
Attackers use the zero-day exploits via phishing emails, malicious websites, or other methods in order to deliver malware, compromise systems and seal sensitive information.