Vista Exploit Surfaces on Russian Hacker Site
Datamation writes "Exploit code for Windows Vista (though at this point only proof-of-concept code) has been published to a Russian hacker site, Eweek reports. Certain strings sent through the 'MessageBox' API apparently cause memory corruption. Though this is obviously cause for concern, at the moment it would seem access to the system would already be required to make use of the exploit. Determina has an analysis of the bug. Just last week, Trend Micro reported that Vista zero-days are being sold at underground hacker sites for $50,000."
Meant to say this last week.. but.. (Score:5, Interesting)
Maybe the biggest customer for these zero-day exploits should be.. Microsoft?
$50,000 isn't that much compared to the other option IMHO.
Just a thought.
TLF
Double free vulnerability (Score:3, Interesting)
The article just mentions that Windows has a double free vulnerability but does not post an exploit (and neither does the Russian site which originally reported this issue).
Re:Meant to say this last week.. but.. (Score:2, Interesting)
Re:Meant to say this last week.. but.. (Score:3, Interesting)
And obviously the people who sell these exploits want to get more than one sale out of each one. Selling them to Microsoft means, hopefully, the end of the exploit and no more sales. So if MS really did buy these exploits, they'd have to do it without letting the hackers find out it was them buying the exploits. Because the hackers would probably never want to sell them to MS.
I'm sure this fits into some science fiction plot somewhere. And the truth, as it is said, is often stranger than fiction.
TLF
Microsoft still hasn't learned about safe strings! (Score:3, Interesting)
More details on this (Score:4, Interesting)
Say, nice use of strcpy...
Re:Why now? (Score:5, Interesting)
A smart black hat has like a job and a life.
The only thing I can say that these script kiddies and whatnot are good for is that they are easily detectable and they alert security people of vulnerabilities so that it makes it difficult for people that are really interested in doing real damage or obtaining data that they shouldn't have.
It's really ironic how valuable these kids are. Without them, real compromises would be more common and much more painful.