What Are Permanent and Unpatched Security Vulnerabilities Referred To As?
Answer: Forever Day Exploits
In computer security, a vulnerability that is attacked before the company responsible for maintaining the software or hardware has a chance to respond is known as a Zero Day Exploit. The zero-day attacks occur in the window between when the vulnerability is discovered and when the company releases some sort of patch or update to counter the attacks and seal over the security hole.
Increasingly, and to the alarm of many people within the security industry and beyond, many Zero Day Exploits are slowly morphing into Forever Day Exploits. Forever Day Exploits arise when the company responsible for the software or hardware in question fails to do anything to correct the exploit. This can occur because a product is near the end of it’s life cycle and the company no longer wishes to invest energy and money into maintaining it. In other instances, the company considers the exploit to be obscure enough or far enough removed from mission critical elements of the system that plugging the hole is a non-priority.
Unfortunately as more and more systems are connected to company-wide and global networks, there is an ever increasing chance that malicious users will be able to access devices with Forever Day Exploits and cause real harm.