Zero-Day Vulnerabilities
A zero-day vulnerability is like a secret passage in computer software that hackers find before the software’s creators do. It gives hackers unrestricted access to break into systems because there are no defenses or fixes known yet. Because zero-day vulnerabilities are not known, there are no patches or security tools that can detect them.
An example of this type of vulnerability (and its exploitation) was the Stuxnet virus. The Stuxnet virus originated in 2005 but went completely unnoticed until 2007, and was only identified in 2010. In that time, the virus was propagated to 14 distinct locations without detection. Four zero-day viruses were introduced to disable part of an Iranian nuclear program, allowing the attackers (a joint US/Israel operation) to monitor program operations without detection and subsequently slow the program.