A zero-day is a security flaw in software, firmware, or hardware that developers don't know about. Attackers discover and exploit it before the vendor can create and release a patch.
The name comes from the timeline: the developer has zero days to respond. Once the vulnerability becomes public or is actively used in attacks, the clock starts. Attackers have a window of time, sometimes weeks or months, where they can compromise systems while users have no defence.
Real-world example: if a criminal finds that clicking a specially crafted email link in a popular chat app instantly gives them access to your files, and the app maker hasn't spotted this weakness yet, that's a zero-day. The attacker can use this before any security update arrives.
Zero-days are particularly dangerous because:
- No patch exists yet, so standard security advice (update your software) doesn't help
- Attackers keep them secret to maximise damage
- Detection is harder because antivirus and firewall tools have no known signature to spot
When buying devices and software, choose vendors with a track record of fast security responses. Enable automatic updates. Use reputable security software, though understand it cannot protect against unknown threats. Consider devices from companies that issue regular security bulletins and act quickly when vulnerabilities surface.