Protecting Against the Unknown
Obviously, protection against a threat that is entirely unknown can be difficult. Often, the security flaw exploited has something to do with an operating system’s networking capabilities, thus letting the malware spread as a worm, self-replicating as it goes along. But that’s not always the case. The recent Duqu virus, for example, spreads via Word document attachments.
You can provide some protection for yourself, however, by exercising best security practices. Anything that would protect you against known threats can also help with the unknown. This includes:
Anti-virus software – An unknown threat won’t be caught during normal scans because it is not in the software’s virus definitions, but many anti-virus suites can detect potential viruses based on their actions and make an attempt to shut down or quarantine the virus.
Firewalls – Always a good idea, a firewall will protect your computer from unauthorized network access, which dramatically increases your protection against any threat, 0-day or not, that spreads itself automatically using network security flaws.
OS Patches – Unknown threats don’t always attack computers that have the latest software, but may instead exploit a previously unknown flaw in an older operating system or an older version of an operating system. Also, patches that address a 0-day threat only work if you install them; otherwise you are as vulnerable as you were when the threat first came out. Meanwhile, more and more unsophisticated hackers may be copying the exploit first revealed in the 0-day threat, increasing the number of attacks on that vulnerability. By keeping your OS and AV patched, you can avoid new unknown threats on older versions, and recently unknown threats for which patches have been developed since day 0.
Permission Restrictions – Both Windows 7 and Mac OS X have built-in permission restrictions that will prompt you for authorization when software that requires admin privileges is trying to run. DO NOT TURN THIS FEATURE OFF. Yes, it can be annoying, but it’s also an effective line of defense.