Zero day attack is an exploitation of unpatched software vulnerabilities that occurs on “day zero” of awareness of the vulnerability. This happens because of the lack of time between the discovery of the vulnerability and the amount of time needed by the administrator to fix that vulnerability.
CTA: New Java Zero-Days
Fireeye which is a Malware Protection Cloud (MPC) has detected a new brand-new zero days vulnerabilities that has already been used to attack several customer. The hackers used this vulnerability to install an “update” on Java version 6 and version 7. This is done by exploiting the JVM to write and read the infected codes. After exploiting the memory of the JVM then it began to download an md5 executable infected JAR from the host site and then began to run it. However, this exploitation also has some weaknesses. Sometimes it fails to load because it tries to overwrite a large number of memory and it is not completed properly making the JVM crashed. The Code itself try to make a copy of itself into a dll file making it roots on the host victim’s computer.
Source: http://blog.malwarebytes.org/intelligence/2013/03/cta-new-java-zero-days/, http://www.fireeye.com/blog/technical/cyber-exploits/2013/02/yaj0-yet-another-java-zero-day-2.html, https://en.wikipedia.org/wiki/Zero-day_attack