Is Your Network “Zero-Day” Attack Ready?
Computer network intruders find new vulnerabilities or loopholes every day and use them to penetrate your network. Developers or computer vendors often provide patches that close previous loopholes. A “zero-day” attack is an attack that targets a vulnerability for which no solution is readily available. Once the vendor releases a patch, the zero-day exposure has ended. A recent example of a critical zero-day vulnerability was the Windows Animated Cursor Remote Execution Vulnerability, which was patched by MS07-017 (Microsoft Security Bulletin 925902). This was considered a critical hole because it could allow code of the attackers’ choosing to be executed remotely. A security research company called Determina notified Microsoft of the problem on December 20, 2006. The vulnerability was publicly announced on March 28, 2007. On April 2nd, Determina released a video demonstration of Metasploit using exploit code against Vista. Microsoft released the patch on April 3, 2007, ending at least six days of zero-day exposure. Exploit code that targeted this vulnerability was active in the wild for at least several days, if not several weeks, before the patch was released.
Even after a patch is released, many organizations take several days to get around to updating systems with the patch. Most of the time it is your job to download and install these patches. It is a good idea to check for updates at least once a day or use an enterprise tool to manage updates on your network.
To ensure that your network is safe from intruders, have it checked by a competent computer network security services provider. For computer network security services in Sydney Australia, visit bsecure.com.au.
