Zero day exploits take advantage of the fact that most anti virus programs
can only detect malicious software as far as their definition files
allow them to.
Fact: an anti virus program is only as good as the last virus that it can detect.
It was emphasized in previous pages of this website that it is very important to
always keep your anti virus program's definition (or DAT) files updated.
However, there are some instances when even being updated is not enough.
To better illustrate a zero day exploit, this series of events will serve as example:
- You just finished updating your anti virus program's definition files
- A few moments after your update, a virus author releases a virus or worm,
and it so happens that the updated definition files you just downloaded do not know of
this newly released virus
- Moments later, your personal computer somehow gets infected by this just-released
virus
- Your anti virus program is unable to stop infection. At best,
it can only warn you of suspicious activity from one of the infected files
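
The sequence above as a simplified model, added here as an illustration and not taken from any anti virus product. Definitions are modelled as a set of SHA-256 digests; the sample bytes, behaviour names, weights and threshold are all constructed assumptions.

```python
import hashlib

# Constructed byte strings standing in for files; none of them is real malware.
KNOWN_WORM = b"constructed-sample-A: worm already analysed by the vendor"
NEW_WORM = b"constructed-sample-B: worm released after the last update"
BENIGN = b"constructed-sample-C: ordinary text editor"

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Hypothetical definition file as it stands right after "your" update.
DEFINITIONS = {digest(KNOWN_WORM)}

# Hypothetical behaviour weights used for the fallback warning.
SUSPICIOUS = {
    "writes_to_startup_folder": 2,
    "mass_mails_address_book": 3,
    "modifies_other_executables": 3,
}
WARN_THRESHOLD = 4

def scan(data: bytes, events: list, definitions: set) -> str:
    """Return 'blocked', 'warning' or 'clean' for one file."""
    if digest(data) in definitions:
        return "blocked"   # the definition file knows this exact sample
    score = sum(SUSPICIOUS.get(event, 0) for event in events)
    if score >= WARN_THRESHOLD:
        return "warning"   # unknown file, but its activity looks suspicious
    return "clean"         # unknown file, nothing suspicious observed

def timeline() -> list:
    """Replay the events described above and collect each verdict."""
    noisy = ["writes_to_startup_folder", "mass_mails_address_book"]
    quiet = ["writes_to_startup_folder"]
    verdicts = [
        scan(KNOWN_WORM, noisy, DEFINITIONS),  # old worm: stopped by signature
        scan(NEW_WORM, noisy, DEFINITIONS),    # new worm: at best a warning
        scan(NEW_WORM, quiet, DEFINITIONS),    # new worm, little activity: missed
        scan(BENIGN, [], DEFINITIONS),         # ordinary program
    ]
    # Later the vendor ships a definition update that includes the new worm.
    updated = DEFINITIONS | {digest(NEW_WORM)}
    verdicts.append(scan(NEW_WORM, quiet, updated))
    return verdicts

if __name__ == "__main__":
    print(timeline())
```

The gap between the second or third verdict and the last one is the period in which the updated definition files offer no protection against the new worm.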
In short, zero day exploits are attacks on system vulnerabilities
that are unknown to both the software vendor and the public at large. It is
slowly becoming a fact that attackers are working more than double time to
seek out weaknesses in the Windows system and in all other popular programs
common to Windows. Not all vulnerabilities are
software based; some can even be weaknesses on the hardware side.
Given that these vulnerabilities are unknown, it is even harder to guard
against these kinds of attacks.
  PREVENTING ZERO DAY EXPLOITS
One particular networking security expert described zero day exploits as the
attackers' holy grail. This is all the more so because there is no particular
formula to follow in order to avoid becoming a
victim of zero day exploits. Throughout the previous pages, we have been
pointing out the practice of good computer
habits and safe surfing, and now,
with the existence of zero day exploits, those points cannot be
emphasized enough.
To summarize, in case you decided to skip through some of the
other guides:
The preceding assumes that you have individual copies of each program
installed on your personal computer. As was discussed in previous pages,
most modern software vendors offer an entire internet security suite which already incorporates each program described above. Not only are these suites more convenient, they are easy to configure as well.