Core issue
A zero-day exploit is one that takes advantage of a security vulnerability on the same day that the vulnerability becomes generally known.
Resolution
To prevent a zero-day exploit, these rules can be configured on CS-MARS:
- System Rule: Client Exploit - Mass Mailing Worm
- System Rule: Network Activity: Excessive Denies - Host Compromise Likely
- System Rule: Worm Propagation - Attempt
- System Rule: Sudden Traffic Increase To Port
- System Rule: Modify Host: Registry
- System Rule: Modify Host: Security
Refer to System Rules and Reports for more information.