Zero-day

Fundamentals

A software vulnerability that is unknown to the vendor and has no available patch, giving defenders zero days of warning before it can be exploited.

A zero-day (also written as 0-day) is a security vulnerability in software or hardware that is unknown to the party responsible for fixing it, typically the vendor or developer. The name refers to the fact that developers have had zero days to address and patch the flaw since its discovery. A zero-day exploit is an attack that takes advantage of such a vulnerability before a fix is available.

Zero-days are considered among the most dangerous security threats because traditional defenses such as signature-based antivirus and patching cannot protect against them: there is no known signature to match and no fix to apply. Zero-days are discovered through reverse engineering, fuzzing, source code analysis, or in-the-wild observation. Once a zero-day is publicly disclosed or a patch is released, it ceases to be a zero-day, though unpatched systems remain vulnerable.

In the context of AI and machine learning, zero-days are relevant in multiple ways. AI systems themselves can contain zero-day vulnerabilities in their serving infrastructure, model APIs, or inference engines. Conversely, machine learning is increasingly used for zero-day detection, with anomaly detection models identifying unusual system behavior that may indicate exploitation of unknown vulnerabilities. AI-powered fuzzing tools can also discover zero-days faster than traditional methods, making the intersection of AI and security an active area of research.
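The contrast drawn above between signature-based defenses and anomaly detection, as an added example that is not part of the original glossary entry: a signature list misses an event it has never catalogued, while a baseline of normal parent-to-child process launches flags the same event as rare. The process names, the signature list, the threshold and every event are constructed for illustration.

```python
import math
from collections import Counter

# Constructed sample data: (parent process, child process) launch events
# observed during a period assumed to be free of compromise.
BASELINE = (
    [("nginx", "nginx")] * 40
    + [("sshd", "bash")] * 25
    + [("bash", "ls")] * 20
    + [("cron", "logrotate")] * 15
)
# Constructed events to score. The last one is behaviour the baseline has
# never seen: the web server process launching a shell.
LIVE = [("nginx", "nginx"), ("sshd", "bash"), ("nginx", "sh")]

# Hypothetical signature list: names of binaries already catalogued as bad.
KNOWN_BAD = {"mimikatz", "xmrig"}


def signature_hits(events):
    """Signature matching: flags only what is already catalogued."""
    return [e for e in events if e[1] in KNOWN_BAD]


class PairBaseline:
    """Laplace-smoothed model of P(child | parent) learned from normal activity."""

    def __init__(self, events, alpha=1.0):
        self.alpha = alpha
        self.pairs = Counter(events)
        self.parents = Counter(p for p, _ in events)
        # One extra slot so a never-seen child still gets non-zero probability.
        self.vocab = len({c for _, c in events}) + 1

    def surprisal(self, parent, child):
        """Bits of surprise for this launch; higher means rarer than baseline."""
        num = self.pairs[(parent, child)] + self.alpha
        den = self.parents[parent] + self.alpha * self.vocab
        return -math.log2(num / den)

    def anomalies(self, events, threshold=4.0):
        """Events whose surprisal exceeds the (assumed) alerting threshold."""
        return [e for e in events if self.surprisal(*e) > threshold]


if __name__ == "__main__":
    model = PairBaseline(BASELINE)
    print("signature hits:", signature_hits(LIVE))
    print("anomalies:", model.anomalies(LIVE))
```

An anomaly flagged this way is a lead for triage, not proof of exploitation; a production baseline would be learned per host or per role and the threshold tuned against its false-positive rate.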

Last updated: February 25, 2026