Key Takeaways
- Zero-day exploits are dangerous due to lack of patching gap.
- Update software promptly for security patches.
- Use anti-malware and exploit protection to prevent harm.
Unless your computer isn’t connected to the internet in any way, you’re always under threat from hackers looking to exploit vulnerabilities in your operating system. The worst of these are “zero-day” exploits, but you can still do something about them.
What Is a Zero-Day Exploit?
If you clicked on this article wondering what the heck a “zero-day” exploit is, let’s get that out of the way first.
Normally, in cybersecurity, when someone discovers a vulnerability in software, they’ll let the developer know about the issue privately. Big software developers usually have so-called “bug bounty” programs, where you’ll be paid a handsome sum for finding and reporting bugs. The more serious the bug, the bigger the reward!
The bug is kept secret until it’s been patched, and the public at large is informed. With a zero-day exploit, there is no secret disclosure. Either the exploit is kept secret and used by those who discovered it, or its shared directly with the public or hacker community and there are zero days to get the issue patched. Zero-day exploits are particularly dangerous, because there’s a gap between the exploit becoming known and the software developers patching it.
Update Your Software ASAP
The good news is that, these days, developers can send out a hot fix pretty quickly, so chances are that some sort of update will be ready within hours of the news breaking. Which means that you need to update Windows as quickly as possible. Security updates are pushed through with haste, and usually just happen in the background, but it’s worth checking Settings>Windows Update to see if your computer has the latest security patches.
Anti-malware Software Is Non-Negotiable
Whether it’s Windows Defender or a third-party anti malware package, you need some sort of protection. While this type of software can’t patch vulnerabilities in Windows itself, these exploits are usually implemented with malware, or they allow malware in. So ensuring you have effective and up-to-date protection is a key part of preventing harm from zero-day exploits.
Enable Windows Defender Exploit Guard
Speaking of anti-malware software, Windows Defender has a feature known as “Exploit Guard.” This allows Defender to reduce the chances of exploits by looking for suspicious behavior that looks like it might be an exploit of some sort.
You can find the settings simply by searching for “Exploit Protection” in the Start Menu, but just about everything is turned on by default. So simply check that your exploit protection is on as it should be.
Use Firewalls
Many exploits happen to work through network vulnerabilities, and so you should employ at least one firewall and perhaps even a VPN. In my case, in addition to the standard firewall that comes with Windows, I also have a mesh network with its own smart firewall, which can block suspicious applications and network activity.
Don’t Use Admin Accounts
Many exploits depend on administrator privileges, and although Windows has checkpoints even if you’re logged in as the admin, sometimes it’s not enough. It makes much more sense to create a user account for yourself that doesn’t have admin privileges and then use that account for your normal day-to-day tasks. Then switch to the admin account if you want to make changes to your PC that require admin privileges.
While zero-day exploits are scary, and for the most part there’s not too much you can do about them, that still doesn’t mean taking a few basic precautions won’t save your bacon. Unfortunately, if you’re lucky, you’ll never even know that you dodged a bullet.
