internet security tHreAt rePOrt GOVernMent 2013
internet security tHreAt rePOrt GOVernMent 2013
internet security tHreAt rePOrt GOVernMent 2013
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
p. 142<br />
Symantec Corporation<br />
Internet Security Threat Report <strong>2013</strong> :: Volume 18<br />
VULNERABILITy TRENDS<br />
Zero-day Vulnerabilities<br />
Background<br />
A zero-day vulnerability is one that is reported to have been<br />
exploited in the wild before the vulnerability is public knowledge<br />
and prior to a patch being publicly available. The absence<br />
of a patch for a zero-day vulnerability presents a threat to<br />
organizations and consumers alike, because in many cases<br />
these threats can evade purely signature-based detection until a<br />
patch is released. The unexpected nature of zero-day threats is a<br />
serious concern, especially because they may be used in targeted<br />
attacks and in the propagation of malicious code.<br />
Data<br />
Figure D.4. Volume of Zero-day Vulnerabilities, 2006–2012<br />
Source: Symantec<br />
20<br />
15<br />
10<br />
5<br />
13<br />
2006<br />
15<br />
2007<br />
9<br />
2008<br />
12<br />
2009<br />
14<br />
2010<br />
Methodology<br />
Zero-day vulnerabilities are a sub-set of the total number of<br />
vulnerabilities documented over the reporting period. A zeroday<br />
vulnerability is one that appears to have been exploited in<br />
the wild prior to being publicly known. It may not have been<br />
known to the affected vendor prior to exploitation and, at the<br />
time of the exploit activity, the vendor had not released a patch.<br />
The data for this section consists of the vulnerabilities that<br />
Symantec has identified that meet the above criteria.<br />
8<br />
2011<br />
14<br />
2012