Forever Day Bug

What Does Forever Day Bug Mean?

A forever day bug refers to a known software bug that a manufacturer has no intention of patching. In most cases, instead of publishing a patch that fixes the vulnerability, the vendor simply adds some steps to user manuals explaining how to deal with the threat. However, this is not considered an ideal method.


The U.S. Cyber Emergency Response Team (US-CERT) regularly provides security bulletins that include vulnerability warnings for control systems. However, many system vendors neglect these warnings and refrain from developing ideal patches.

Forever days are also known as iDays or infinite days.

Techopedia Explains Forever Day Bug

These kinds of vulnerabilities are generally found in control systems. For example, Stuxnet exploited a similar kind of vulnerability to attack Iran’s nuclear facilities.

Most manufacturers claim that their intention is not to create patches for forever day bugs because of when they are found in legacy products. Another reason is if a product is close to the end of its life cycle, putting time and effort into creating a patch at a later stage can be a waste of money and resources.


Related Terms

Latest Cybersecurity Terms

Related Reading

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…