Zero day Exploits
Proactive Steps

From , former About.com Guide

The world panicked and it was treated as a zero-day exploit when in fact more than 6 months went by from the time the vulnerability was originally discovered. Similarly, Microsoft finds new holes or is alerted to new holes in their products on a regular basis. Some of them are a matter of interpretation and Microsoft may or may not agree that it is actually a flaw or vulnerability. But, even for many of the ones they agree are vulnerabilities there could be weeks or months that go by before Microsoft releases a security update or service pack that addresses the issue.

One security organization (PivX Solutions) used to maintain a running list of Microsoft Internet Explorer vulnerabilities that Microsoft had been made aware of but hadn’t yet patched. There are other sites on the web frequented by hackers that maintain lists of known vulnerabilities and where hackers and malicious code developers trade information as well.

This is not to say that the zero-day exploit doesn’t exist. Unfortunately, it happens all too often that the first time the vendors or the world are made aware of a hole is during a forensic investigation to find out how a system was broken into, or during analysis of a virus that is already spreading in the wild to find out how it works.

Whether the vendors knew about the vulnerability a year ago or found out about it this morning, if the exploit code exists when the vulnerability is made public it’s a zero-day exploit on your calendar.

The best thing you can do to protect against zero-day exploits is to follow good security policies in the first place. By installing anti-virus software and keeping it up to date, blocking email file attachments that may be harmful, and keeping your system patched against the vulnerabilities you are already aware of, you can secure your system or network against 99% of what is out there.

One of the best measures for protecting against currently unknown threats is to employ a hardware or software (or both) firewall. You can also enable heuristic scanning (a technology used to attempt to block viruses or worms that are not yet known about) in your anti-virus software. By blocking unnecessary traffic in the first place with a hardware firewall, blocking access to system resources and services with a software firewall, or using your anti-virus software to help detect anomalous behavior, you can better protect yourself against the dreaded zero-day exploit.

©2009 About.com, a part of The New York Times Company.

All rights reserved.