Top Ways to Decrease the Effect of Zero-Day Attacks


Simply put, a zero-day attack is an attack that exploits a vulnerability in a system or software before the vendor releases a patch for it, although the attack may also be carried out after the patch is released.

In practice, this attack happens in the period between the discovery of the exploit in a system or software and the implementation of the patch for that vulnerability (not just the release of the patch, because it may be released while the vulnerable customer has not implemented it!).

Period (A) is the time of the zero-day or zero-hour attack, but period (B) is also vulnerable to this attack.

In this article, we will discuss the top 10 ways you must follow to secure your computer, network and systems against zero-day attacks:

 

1- Update Immediately 

For corporate use, you must use an updating tool such as Windows Server Update Services (WSUS), the Red Hat Network (RHN) update service, or another live server-monitoring tool that monitors updates and implements them automatically.

For personal use, update your operating system daily or turn on automatic updates.

 

2- Develop Strong Patch Management Policy

You must develop a formal patch management policy that defines the methods and procedures system administrators must follow to implement any security patch.

This policy must be evaluated every three months to check its adequacy and relevance to its main need and objective.

 

3- Use A Reliable Security Solution

 

By having an endpoint security solution or internet security product on your personal computer, or on every computer in your company, you gain a very good layer of security that supports the defense-in-depth concept, because endpoint security software contains a local firewall to block attacks when they are launched. It may also include anti-spam, a website filter, a local IDS, etc., so it acts as the first security layer protecting your computer.

 

4-  Use A Reliable  Email Filter 

 

Email messages are the most common way zero-day attacks spread between systems, so every corporation must have a reliable email filter (software or hardware) to minimize the risk malicious emails pose to the business.

This means that multiple layers of defense in depth must be implemented to secure your network as much as possible.

 

5- Run With Enough Privilege and No More !

 

With no administrative privileges given to employees, limited access to resources and shared folders, and very strict access lists on systems and firewalls, you can say that you have taken the appropriate actions to protect your network.

 

6- Follow The Vulnerabilities Database Websites

 

Every security administrator must follow the vulnerability database websites all the time, because they provide the necessary information about the latest vulnerabilities, including patch status, criticality level, impact and solution.

7- Follow The Exploits Database Websites

 

By following hackers' pages and websites you will learn about the latest exploits, maybe before the vendor does, which lets you understand the dimensions of the problem and protect your network and systems.

 

8- Use Google Alerts

 

Google Alerts are email notifications based on your query statement, so you can develop statements that keep you updated whenever new exploits for a specific product or software are added to the internet.

 

9- Use RSS Feeds

 

Subscribe to security news, vulnerability database and security alert feeds. Feeds are important for staying updated at the appropriate time to protect your network.
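To make the feed monitoring from points 6 and 9 actionable, the following added example (not part of the original article) filters an advisory RSS feed against the software you actually run and lists items with no fix first. The feed content, product names, watch list and hint phrases are constructed assumptions.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample feed (RSS 2.0); product names and links are placeholders.
SAMPLE_FEED = """<?xml version="1.0"?>
<rss version="2.0"><channel><title>Example advisories</title>
<item><title>ExampleBrowser remote code execution, no patch available</title>
<link>https://feeds.example.org/adv/1</link>
<description>Exploited in the wild. Vendor fix pending.</description></item>
<item><title>ExamplePDF Reader update fixes memory corruption</title>
<link>https://feeds.example.org/adv/2</link>
<description>Patch released; apply the update.</description></item>
<item><title>OtherCMS plugin SQL injection</title>
<link>https://feeds.example.org/adv/3</link>
<description>Affects a product not in our inventory.</description></item>
</channel></rss>"""

# Hypothetical watch list: software actually deployed on your network.
WATCH_LIST = ["ExampleBrowser", "ExamplePDF Reader"]
# Assumed phrases suggesting no fix exists yet, so mitigations are needed now.
UNPATCHED_HINTS = re.compile(r"no patch|fix pending|zero[- ]day|in the wild", re.I)


def match_advisories(feed_xml, watch_list):
    """Return feed items that mention a watched product, unpatched ones first."""
    # For feeds fetched from the network, parse with defusedxml instead of the stdlib.
    root = ET.fromstring(feed_xml)
    hits = []
    for item in root.iter("item"):
        title = (item.findtext("title") or "").strip()
        text = title + " " + (item.findtext("description") or "")
        for product in watch_list:
            # Word-boundary match so "Java" does not match "JavaScript".
            if re.search(r"\b" + re.escape(product) + r"\b", text, re.I):
                hits.append({
                    "product": product,
                    "title": title,
                    "link": (item.findtext("link") or "").strip(),
                    "unpatched": bool(UNPATCHED_HINTS.search(text)),
                })
                break
    return sorted(hits, key=lambda h: not h["unpatched"])


if __name__ == "__main__":
    for hit in match_advisories(SAMPLE_FEED, WATCH_LIST):
        flag = "UNPATCHED" if hit["unpatched"] else "patch available"
        print(f"[{flag}] {hit['product']}: {hit['title']} ({hit['link']})")
```

Items flagged as unpatched are the ones where compensating controls from the earlier points (filtering, least privilege) matter until a fix ships.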

 

10- Keep Your Browser Up-To-Date

 

Hackers always focus on web browsers, Flash Player, PDF readers, etc., because they are widespread on all computers, tablets and mobiles. If a hacker writes an exploit for a vulnerability in a web browser, he can own thousands of computers in no time, so it's very important to keep your browser secure. It is your gate to the world!

 

Don't forget to also update other software such as media players, Acrobat Reader, Flash Player, hardware drivers, scanning tools, etc.

About The Author

Ahmed Fawzy, Information Security Manager at Raya Contact Center
