A security analyst, Ann, is reviewing an IRC channel and notices that a malicious exploit has
been created for a frequently used application. She notifies the software vendor and asks
them for remediation steps, but is alarmed to find that no patches are available to mitigate
this vulnerability. Which of the following BEST describes this exploit?
A.
Malicious insider threat
B.
Zero-day
C.
Client-side attack
D.
Malicious add-on
DEFINITION: Internet Relay Chat (IRC) is an application layer protocol that facilitates communication in the form of text. The chat process works on a client/server networking model. IRC clients are computer programs that a user can install on their system.
So:
1) A malicious exploit has been created
2) For a frequently used application
3) Ann connects the vendor
4) And is able to determine that there is no current patch to mitigate the vulnerability
Either the vendor is very slack at identifying and applying patches, or we are talking about a “Zero Day” vulnerability.
A zero day vulnerability refers to a hole in software that is unknown to the vendor.
This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it—this exploit is called a zero day attack.
Uses of zero day attacks can include infiltrating malware, spyware or allowing unwanted access to user information.
The term “zero day” refers to the unknown nature of the hole to those outside of the hackers, specifically, the developers.
Once the vulnerability becomes known, a race begins for the developer, who must protect users.
In this Question , there are no patches are available to mitigate the vulnerability. This is therefore a zero-day vulnerability.
0
0