Yeah… Unless Gen Z changed it, from 2008 to 2017 (when I got out of infosec) a 0day was an exploit that the vendor didn’t know about, and that only a few people knew about (otherwise it would be quickly known about by the vendor.)
I don’t know what @mrsemi@lemmy.world is on about, or who is upvoting them, but that would mean it’s no longer a 0day once you’ve discovered and made your own exploit for the vulnerability.
From wikipedia (still current to our definition, so I assume Gen Z hasn’t changed it):
A zero-day (also known as a 0-day) is a vulnerability or security hole in a computer system unknown to its owners, developers or anyone capable of mitigating it.[1] Until the vulnerability is remedied, threat actors can exploit it in a zero-day exploit, or zero-day attack.
Yeah… Unless Gen Z changed it, from 2008 to 2017 (when I got out of infosec) a 0day was an exploit that the vendor didn’t know about, and that only a few people knew about (otherwise it would be quickly known about by the vendor.)
I don’t know what @mrsemi@lemmy.world is on about, or who is upvoting them, but that would mean it’s no longer a 0day once you’ve discovered and made your own exploit for the vulnerability.
From wikipedia (still current to our definition, so I assume Gen Z hasn’t changed it):