Ahh TIL. Thanks for the clarification!
Comment on Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped
MrNesser@lemmy.world 16 hours agoNope 0 days means
Zero-day vulnerability: A software flaw that attackers discover before the developer does.
Zero-day exploit: The method hackers use to take advantage of this unknown vulnerability.
Zero-day attack: An attack that uses a zero-day exploit to damage a system, steal data, or plant malware before a patch is available. This is a serious risk because no defenses are in place for this specific flaw yet.
The first is the most common one found in the press and is usually reported to the company so they can patch it, before press release.
sourhill@lemmy.sdf.org 16 hours ago
frongt@lemmy.zip 15 hours ago
But it would be weird to call something a “zero-day” if it wasn’t being exploited. Like if I discover a vuln, it shouldn’t be considered a zero-day, even if I report it, if I’m not exploiting it in the wild.
Cethin@lemmy.zip 8 hours ago
It was exploited. That’s how they proved it worked. They just didn’t exploit it to do anything nefarious.