The term derives from the age of the exploit (a piece of software that takes advantage of a bug or vulnerability in a computer). When Microsoft becomes aware of a security hole, there is a race to close it before more attackers discover it or the vulnerability becomes public. A “zero day” attack occurs on or before the first or “zeroth” day of vendor awareness, meaning Microsoft has not had any opportunity to disseminate a security fix to users of the software. This also applies to other software applications, not just the operating system.