zero-day vulnerability
nullpäeva turvaauk
olemus
(1) nõrkus, millele kõrvaldamiseks pole veel turbepaika;
"esimene päev" on paiga väljastamise päev
= a known but not yet patched vulnerability
(2) nõrkus, mis kasutatakse ära juba siis, kui
tarkvara valmistaja või tarnija teda veel ei tea
= a vulnerability unknown to the provider, but exploited already
ülevaateid
https://en.wikipedia.org/wiki/Zero-day_(computing)
https://softwarelab.org/what-is-zero-day-exploit/
https://www.websecurity.digicert.com/content/dam/websitesecurity/digitalassets/desktop/pdfs/datasheet/Guide_to_Zero_Day_Exploits.pdf
https://jia.sipa.columbia.edu/sites/default/files/attachments/Healey%20VEP.pdf
https://www.rand.org/content/dam/rand/pubs/research_reports/RR1700/RR1751/RAND_RR1751.pdf
https://dzone.com/articles/zero-day-vulnerabilities-how-do-you-stop-a-threat
https://colortokens.com/wp-content/uploads/Threat_Brief_Zero_Day.pdf