What is a zero-day vulnerability?
Answer
A zero-day vulnerability is a software security flaw that is unknown to the software vendor, or that has been disclosed but not yet patched. The term "zero-day" means defenders have had zero days to fix the issue. A zero-day exploit is attack code that takes advantage of such a flaw. Zero-days are highly valuable: nation-states, criminal groups, and security researchers discover and sell them through vulnerability marketplaces. When a zero-day is disclosed (publicly or to the vendor), it becomes a known vulnerability and the vendor has a deadline to patch; responsible disclosure uses a 90-day window (the Google Project Zero standard). After a patch is released, the flaw is no longer a zero-day, but unpatched systems remain vulnerable. Defense: timely patching, defense-in-depth, application whitelisting, network segmentation, and anomaly detection.