Zero-Day, Explained — and Why This Week Was Full of Them

This week Google patched an Android flaw that attackers were already exploiting, and you’ll have seen it called a "zero-day." The term gets thrown around a lot, so here’s what it actually means: a zero-day is a security hole that attackers find and start using before the vendor has a fix ready. The vendor has had "zero days" to patch it — hence the name.

Why does that matter to you? With an ordinary vulnerability there’s a patch available and you’re racing to install it before someone takes advantage. With a zero-day the attackers are already in front — there’s nothing to install yet. That’s why the US cyber agency CISA keeps a public Known Exploited Vulnerabilities catalogue and gives agencies only days to act on the worst ones. For a smaller business the lesson is blunt: "fully patched" and "safe" aren’t quite the same thing.

Two things genuinely protect you here. First, patch fast once a fix does land — most damage happens in the gap between a patch being released and you getting around to it. Second, build in layers so one compromised app or device doesn’t hand over everything: endpoint protection, least-privilege accounts (so a normal login can’t do admin-level damage), MFA, and someone actually watching the alerts.

None of this calls for panic — just a setup that assumes something will eventually slip through. If you’d like to know where your business stands, our managed IT team can walk you through it.
