RE: defining 0day
> Unpatched Vulnerability: Working Exploit
"Working in a white hat's lab" is not as urgent as "being abused right now in
the wild".
> . . . or maybe "zero day exploit".
Proposed:
1. A 0-day EXPLOIT is an Unpatched Vulnerability that we realize is being or
has been abused.
2. A 0-day VULNERABILITY: no such thing. All vulnerabilities are either
Unpatched or Patched. They start out in Unpatched status the moment some
programmer creates them. They remain Unpatched until they are Patched.
-------------------------------------
Marvin Simkin
Manager of Information Technology
School of Earth and Space Exploration
Arizona State University
http://simkin.asu.edu/