: of, relating to, or being a vulnerability (as in a computer or computer system) that is discovered and exploited (as by cybercriminals) before it is known to or addressed by the maker or vendor
Thus, in the parlance of the trade, these vulnerabilities are known as "zero-day exploits," because it has been zero days since they have been uncovered and fixed.—James Bamford
There's a zero-day vulnerability in RealPlayer and Internet Explorer that allows malicious code to be installed …—Mark Hopkins
… most of what's on the black market doesn't have that zero-day freshness. Criminals typically target older vulnerabilities, for which fixes have already been released …—Lev Grossman
Examples of zero-day in a Sentence
Recent Examples on the WebThe flaw is the third zero-day exploit Google has uncovered this year targeting Chrome users.—Michael Kan, PCMAG, 6 June 2023 Getty Images On Monday, Cisco reported that a critical zero-day vulnerability in devices running IOS XE software was being exploited by an unknown threat actor who was using it to backdoor vulnerable networks.—Dan Goodin, Ars Technica, 17 Oct. 2023 Unlike bug bounties, where security researchers find flaws in companies’ code and then disclose them to the firms to fix for payments, the zero-day market encourages the trade in flaws that can potentially be exploited by the purchasers.—WIRED, 30 Sep. 2023 The discovery of the valuable zero-day exploit, designed to install Predator on iPhones running even the most up-to-date operating system, prompted Apple to push a security update to users on Thursday afternoon.—Joseph Menn, Washington Post, 23 Sep. 2023 Apple has issued a critical security update for iPhones to address a zero-day bug in iOS 16 that could allow attackers to remotely install spyware on a device without any interaction from the iPhone owner.—Tom Warren, The Verge, 8 Sep. 2023 It has also been reported the breach may be linked to an unpatched Microsoft Exchange zero-day.—WIRED, 12 Aug. 2023 Progress Software disclosed a zero-day vulnerability in its MoveIt file-transfer tool in May.—Catherine Stupp, WSJ, 3 Aug. 2023 Other zero-day flaws included in Microsoft’s Patch Tuesday are CVE-2023-32046, a platform elevation of privilege bug in the MSHTML core Windows component, and CVE-2023-36874, a vulnerability in the Windows Error Reporting service that could allow an attacker to gain admin rights.—WIRED, 31 July 2023 See More
These examples are programmatically compiled from various online sources to illustrate current usage of the word 'zero-day.' Any opinions expressed in the examples do not represent those of Merriam-Webster or its editors. Send us feedback about these examples.