Part of this journey has been the shift to the Windows-as-a-Service model which delivers big feature updates twice a year, complemented by continuous releases of security fixes, driver updates and other improvements. Windows 10 has caught up with macOS and Linux in terms of stability and security. With a properly configured and up to date system and basic security measures in place when using the internet and third party-software, users have little to fear. The integrated Windows Firewall blocks malicious attacks from the internet, Windows Defender offers good basic protection against malware, blocking suspicious applications on launch with Application Guard. But like on any other operating system, hackers might still be able to use so called zero-day vulnerabilities to break into a perfectly configured Windows 10-system. Zero-day vulnerabilities and zero-day attacks are one of the biggest risks for well-crafted hacking attempts especially for businesses as they might remain unnoticed for longer timeframes or never be spotted at all.
What is a Zero-Day vulnerability?
A “zero-day” vulnerability might be defined in different ways. Originally the concept referred to the number of days since a public software released to the public, and “zero-day” software meant software that had been stolen or obtained ahead of release. Vulnerabilities found in the software code by hackers, security experts or other third parties later were named Zero-day vulnerabilities, referring to the amount of days the developer had to fix them before hackers could take benefit of them. Zero-day vulnerabilities open a system to breaches, data leaks and attacks where private and protected information might be obtained, data stolen or changed. In the worst case, the complete system might be taken over through a hacking attempt, locking out the owner or legitimate users like administrators. Nowadays a Zero-day vulnerability is a system-vulnerability that might be known to the software developer and / or outside entities like hackers which might use, share them publicly or even sell them. They open a system to Zero-day attacks.
What is a Zero-Day Attack?
A zero-day attack is carried out by exploiting a Zero-day vulnerability, which basically means an unfixed vulnerability. Zero-day attacks usually follow a typical sequence of events:
How can you protect your system against Zero-Day attacks?
While you can never fully rule out zero-day vulnerabilities on your system, there are some best practices that might lower your risk of falling victim to a zero-day attack. If you respect the following main points, you should be safe in general – especially if you are not a high-profile entity like a celebrity or critical business in that hackers might be interested in. The effort for single-targeted zero-day attacks is huge and most end-users typically are most vulnerable to automatized attacks that can initiated via widely spread malware or bot-networks on the internet. Always choose software from reputable and trusted sources and avoid obtaining any application from suspicious sources – online and offline. Relying on well-known software developers, software vendors and sites like app stores and download portals ensure a basic level of security. Checking online reviews and ratings of any software before installing are another way to avoid malware. Windows Defender and other Windows features like Application Guard, User Account Control and the Windows Firewall provide already good protection. Make sure you have everything set-up in the right way and don´t deactivate those protective tools if you don´t know 100 percent what you are doing. To be even more secure you might consider investing in a commercial third party-antivirus from Kaspersky, Norton, Bitdefender or similar and in particular an anti-ransomware-tool like from Malwarefox. Microsoft does a constant effort to close existing vulnerabilities and publishes smaller and bigger updates on a nearly weekly basis. To benefit from those improvements, which also include driver updates and updates from the Microsoft Store for modern Windows apps, you should make sure to keep your system always up to date. Ignore optional updates or defer pending updates only if necessary. For Windows update to run properly you will have to connect your PC to the internet frequently. As classic desktop applications like Google Chrome are not managed via the Microsoft Store, you will have to make sure to update them manually if needed. Some application include an automatic update-checker that will inform you about more recent versions – others you might have to update completely yourself. There are certain big vulnerabilities that will be covered widely and for which no immediate fix might be in place. Make sure you keep yourself updated and keep an eye on what´s going on. Sometimes some manual protective measures will be shared by security experts which you then can apply to not fall victim to a possible attack.