Zero-day vulnerabilities are software flaws unknown to vendors. Ransomware can exploit these to bypass security. Such attacks are highly effective because no patches exist yet. They are often sold in underground markets. High-profile ransomware campaigns leverage zero-days to infect thousands before mitigation.
It matters because unknown vulnerabilities are impossible to defend against proactively. Vigilance and monitoring are essential.
It also motivates bug bounty programs and rapid patching initiatives.
Ransomware can exploit zero-day software vulnerabilities to maximize impact.
[MIT Technology Review, technologyreview.com]